AbuseIPDB
Integration
Leverage the AbuseIPDB threat intelligence API with this integration.
Active Directory
Integration
Microsoft Active Directory integration facilitates the centralized management and synchronization of Windows user accounts with Security Center's administrator and cardholder accounts.
AirTable
Integration
Airtable can store information in a spreadsheet that's visually appealing and easy-to-use, but it's also powerful enough to act as a database that businesses can use for customer-relationship management (CRM), task management, project planning, and tracking inventory.
Alerts Triage
Use Case
This playbook was made to automatically analyze all incoming threats on Siemplify, enrich them with information, and then notify the analysts via email.
Alexa
Integration
The Alexa Web Information Service (AWIS) offers a platform for creating innovative Web solutions and services based on Alexa's vast information about web sites.
AlienVault USM Anywhere
Integration
AlienVault USM Anywhere delivers powerful threat detection, incident response, and compliance management for cloud, on-premises, and hybrid environments.
AlienVault USM Appliance
Integration
USM Appliance includes the essential security capabilities and continuously delivered threat intelligence needed to quickly and easily identify and respond to threats in your physical and virtual infrastructure.
AlienVaultTI
Integration
AlienVaultTI - Powerful Threat Detection, Incident Response & Compliance in One Solution.
Amazon Macie
Integration
Amazon Macie is a powerful security and compliance service that provides an automatic method to detect, identify, and classify data within your AWS account.
Anomali
Integration
Anomali ThreatStream operationalizes threat intelligence, automating collection and integration, and enabling security teams to analyze and respond to threats.
Anomali Staxx
Integration
Anomali STAXX provides bi-directional sharing of threat intelligence from STIX/TAXII sources that are in the cloud (such as Anomali Limo, http://hailataxii.com, an ISAC, or Anomali ThreatStream) or on premise. With Anomali STAXX, you can connect to STIX/TAXII servers, discover and configure their threat feeds, and poll (download) threat intelligence from those feeds. You can also import threat intelligence into Anomali STAXX and push (upload) selected observables to other STIX/TAXII servers.
Any.Run
Integration
Interactive online malware analysis service for dynamic and static research of most types of threats using any environment.
APIVoid
Integration
Database of API services mostly focused on threat analysis and threat intelligence, that can be easily integrated anywhere.
Arcsight
Integration
Real-time threat detection and automated response backed by a powerful, open, and intelligent SIEM (Security Information and Event Management).
ArcSight Logger
Integration
ArcSight Logger is a comprehensive solution for security event log management.
Area1
Integration
Area 1 Horizon is a cloud-based service that stops phishing attacks across all traffic vectors: email, web, or network. It protects users against phishing emails using a cloud-based MTA or cloud APIs/connectors, protects users against web-based phishing campaigns through a globally distributed, recursive DNS service, and shuts down phishing attacks at your network edge.
Asana
Integration
Asana is a software-as-a-service designed to improve team collaboration and work management. It helps teams manage projects and tasks in one tool. Teams can create projects, assign work to teammates, specify deadlines, and communicate about tasks directly in Asana.
AWS - EC2
Integration
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. Amazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment.
AWS GuardDuty
Integration
Amazon GuardDuty informs you of the status of your AWS environment by producing security findings. GuardDuty helps to detect and manage threats to your AWS system.
AWS IAM Access Analyzer
Integration
AWS IAM Access Analyzer is built on Zelkova, which translates IAM policies into equivalent logical statements, and runs a suite of general-purpose and specialized logical solvers (satisfiability modulo theories) against the problem. Access Analyzer applies Zelkova repeatedly to a policy with increasingly specific queries to characterize classes of behaviors the policy allows, based on the content of the policy. To learn more about satisfiability modulo theories, see Satisfiability Modulo Theories. Access Analyzer does not examine access logs to determine whether…
AWS Identity and Access Management (IAM)
Integration
AWS Identity and Access Management (IAM) enables you to create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
AWS S3
Integration
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to…
AWS Security Hub
Integration
AWS Security Hub gives you a comprehensive view of your high-priority security alerts and security posture across your AWS accounts. There are a range of powerful security tools at your disposal, from firewalls and endpoint protection to vulnerability and compliance scanners. But oftentimes this leaves your team switching back-and-forth between these tools to deal with hundreds, and sometimes thousands, of security alerts every day.
AWS WAF
Integration
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.
Azure Active Directory
Integration
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service, which helps your employees sign in and access both internal and external resources.
Azure Security Center
Integration
Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud - whether they're in Azure or not - as well as on premises.
beSECURE
Integration
beSecure is a flexible, accurate, low maintenance Vulnerability Assessment and Management solution that delivers solid security improvements.
BlueLiv
Integration
Blueliv is Europe’s leading cyberthreat intelligence provider. It looks beyond your perimeter, scouring the open, deep and dark web to deliver fresh, automated and actionable threat intelligence to protect the enterprise and manage your digital risk.
Brute Force Attack - Investigation
Use Case
This use case helps an analyst investigate multiple unsuccessful login attempts. If the login failure reason is an incorrect password, automation raises an incident and notifies the IT team.
BulkWhoIs
Integration
Bulk Whois API is based on the rich experience that the company has gained by providing online services to thousands of users worldwide since 2010. For the last several years, WHOIS and domain systems have been our daily bread. The service knows how they work and how to use them, so that you can care less about it.
CA Service Desk Manager
Integration
CA Service Desk Manager is designed to help IT service desk analysts make every moment count through a dynamic experience so they can deliver great customer service without the fear of overbearing processes or metrics. With the solution, teams can embrace teamwork rather than working from siloed knowledge stashes and disjointed communications.
Carbon Black - Cloud Remediation
Use Case
Automating Carbon Black cloud solutions to detect suspicious CMD activity, investigate its context, and respond with powerful automated shell commands via the Carbon Black Cloud Live Response integration.
Carbon Black Defense
Integration
Next-generation antivirus + EDR in one cloud-delivered platform that stops commodity malware, advanced malware, non-malware attacks and ransomware.
Carbon Black Protection
Integration
Cb Protection delivers application control and critical infrastructure protection to lock down servers, critical systems and fixed-function devices in highly regulated environments.
Carbon Black Response
Integration
Highly scalable, real-time EDR with unparalleled visibility for top security operations centers and incident response teams.
Certly
Integration
Determining whether or not a domain or link is malicious.
Check Point - Malware Analysis and Response
Use Case
Combines three Check Point products. Runs analysis of IOCs in SandBlast, enriches across ThreatCloud and additional sources, closes false positives, and updates the NGFW's blocklists.
Check Point CloudGuard
Integration
CloudGuard is a cloud security posture management solution for cloud environments such as Amazon AWS, Microsoft Azure, and Google Cloud Platform. CloudGuard provides network security policy management and automation for your cloud environment across providers, regions and accounts. Organizations trust CloudGuard to ensure that their network security is well defined and understood, and then to enforce that security policy on a continuous basis. In the event of an unauthorized change, (for example, somebody or something attempts to open network ports)…
Check Point Firewall
Integration
VPN-1 is a firewall and VPN product developed by Check Point Software Technologies Ltd. VPN-1 is a stateful firewall which also filters traffic by inspecting the application layer.
Check Point SandBlast
Integration
Protect your organization from zero-day cyber attacks with SandBlast Network, the market’s leading advanced network threat prevention solution. Increase productivity while creating a secure environment with innovative technologies like threat emulation, threat extraction and artificial intelligence.
CheckPoint Threat Reputation
Integration
Leverage Check Point’s threat intelligence to enrich your SIEM and SOAR solutions and to secure your business applications and websites by using simple RESTful APIs.
Cisco AMP
Integration
Get global threat intelligence, advanced sandboxing, and real-time malware blocking to prevent breaches with Cisco Advanced Malware Protection (AMP). But because you can’t rely on prevention alone, AMP also continuously analyzes file activity across your extended network, so you can quickly detect, contain, and remove advanced malware.
Cisco Firepower Management Center
Integration
Cisco Firepower analyzes your network's vulnerabilities, prioritizes any attacks, and recommends protections so your security team can focus on strategic activities.
Cisco IronPort
Integration
Cisco IronPort Email Security Appliance is an email security gateway product. It is designed to detect and block a wide variety of email-borne threats, such as malware, spam and phishing attempts.
Cisco ISE
Integration
The Cisco Identity Services Engine (ISE) is your one-stop solution to streamline security policy management and reduce operating costs. With ISE, you can see users and devices controlling access across wired, wireless, and VPN connections to the corporate network.
Cisco Orbital
Integration
Cisco Orbital is a service that uses Osquery to provide you and your applications with information about your hosts. Osquery exposes an entire operating system as a relational database that you can query with SQL to gather information about the host. Orbital can be used by both Cisco customers and their applications to query their computers wherever Orbital has been deployed.
Cisco Threat Grid
Integration
Threat Grid combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware.
CiscoUmbrella
Integration
Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the internet. Protect users in minutes.
Cofense Triage
Integration
With Cofense Triage, prioritize and remediate phishing threats faster. A culture of user-reporting is key to stopping phishing attacks, but your overburdened SOC team needs to prioritize what’s reported. Instead of slowing their efforts with time consuming manual processes—the numerous steps required to find and understand real indicators of threats—automate analysis with Cofense Triage and focus on making decisions to speed remediation.
Connectors
Power-ups
A set of custom connectors created for Siemplify Community to power up automation capabilities.
ConnectWise
Integration
Seamlessly transition projects and tasks to keep your communication flowing without ever worrying about accountability and visibility.
CountryFlags
Integration
Country Flags includes a list of all the countries and their associated flags. You can use this integration to present a country's flag as a base64.