Integrations
Threat intelligence integrations
Push thousands of curated, high-confidence IOCs a day straight into the tools your SOC already runs, with no manual imports and no custom queries. Native delivery to SIEMs, firewalls and threat intelligence platforms.
Feed delivery pipeline
Operational intelligence, wired into your stack
Curated indicators, malware classifications, and C2 infrastructure flow into the tools your SOC already uses.
Threat intelligence platforms
Enrich, correlate and pivot on our indicators in your TIP.
MISP
High-confidence, curated indicators for malware, C2 and phishing infrastructure, delivered as native MISP feeds so your analysts correlate real threats instead of triaging noise.
Learn moreOpenCTI
Native OpenCTI streaming: STIX 2.1 bundles served as TAXII collections, continuously updated.
Learn moreMaltego
Pivot from IOCs to malware families, C2 infrastructure and related context inside Maltego investigations.
Learn moreSIEM & firewall
Push curated IOCs straight into the platforms your SOC monitors.
Standards & delivery
Wire up almost any tool over open, widely-supported formats.
Get in touch
Need help with an integration?
We support most major SIEM and firewall products via STIX/TAXII, MISP and a REST API. Tell us what you run and we'll point you to the right delivery method or help you wire it up.