Enrich detections with threat intelligence data from AbuseIPDB

Triage GuardDuty alerts and enrich with context

Ingest AWS logs & configs for detections, investigations, and response

Ingest Bitbucket logs, code & configs for detections, investigations, and response

Ingest Jira logs & configs for detections, investigations, and response

Ingest Auth0 events for detections and investigations

Enrich alerts with HR data from BambooHR

Triage CrowdStrike alerts and enrich with context

Ingest logs for detections and investigations from any source

Triage Elastic Security alerts and enrich with context

Ingest Fireblocks crypto events for detections and investigations

Ingest GitHub logs, code & configs for detections, investigations, and response

Ingest GCP logs & configs for detections, investigations, and response

Triage Gmail phishing alerts and enrich with message context

Triage Google SecOps alerts and enrich with context

Triage Google SCC alerts and enrich with context

Ingest Google Workspace activity for detections and investigations

Ingest, triage and expand context for Kandji detections and device information.

Ingest Entra ID identity events for detections, investigations, and response

Triage Entra ID Protection alerts and enrich with identity risk context

Ingest Office365 activity for detections and investigations

Ingest SharePoint collaboration activity for detections and investigations

Orchestrate response notifications and collaboration in Microsoft Teams

Triage Mimecast email security alerts and enrich with message context

Ingest Okta identity events for detections, investigations, and response

Triage ThreatInsights alerts and enrich with authentication risk context

Monitor OpenAI usage events for detections and investigations

Enrich detections with Perplexity threat intelligence context

Triage SentinelOne alerts and enrich with endpoint context

Orchestrate response actions and ticketing automation in ServiceNow

Identify Slack threats, send notifications for response collaboration

Ingest Splunk alerts and correlate detections for triage and investigation

Ingest Sumo Logic alerts and correlate detections for triage and investigation

Orchestrate Tines automated response workflows

Enrich detections with phishing and URL intelligence from URLScan

Enrich detections with malware and file reputation data from VirusTotal

Ingest Wiz cloud posture findings for triage and investigation

Triage Zscaler alerts and enrich with context

Orchestrate response workflows and post-incident tracking in incident.io

Ingest 1Password identity and access logs for detections and investigations

Ingest Cloudflare network events for detections and investigations

Ingest Azure logs & configs for detections, investigations, and response

Triage Defender alerts and enrich with endpoint context

Ingest Sentinel detections and correlate with other telemetry

Triage NGFX alerts and enrich with context

Ingest Salesforce activity for detections and investigations

Ingest Snowflake data access logs for detections and investigations

Enrich alerts with HR data from Workday to enrich context