Integrations
Threat intelligence integrations
Push thousands of curated, high-confidence IOCs a day straight into the tools your SOC already runs, with no manual imports and no custom queries. Native delivery to SIEMs, firewalls and threat intelligence platforms.
Feed delivery pipeline
Operational intelligence, wired into your stack
Curated indicators, malware classifications, and C2 infrastructure flow into the tools your SOC already uses.
Threat intelligence platforms
Enrich, correlate and pivot on our indicators in your TIP.
MISP
High-confidence, curated indicators for malware, C2 and phishing infrastructure, delivered as native MISP feeds so your analysts correlate real threats instead of triaging noise.
Learn moreOpenCTI
Every indicator arrives linked to the malware and campaign it belongs to, with stable STIX IDs so it merges into your existing entities instead of piling up duplicates.
Learn moreMaltego
Pivot from IOCs to malware families, C2 and phishing infrastructure, and related context inside Maltego investigations.
Learn moreSIEM & firewall
Push curated IOCs straight into the platforms your SOC monitors.
Microsoft Sentinel
Curated, high-confidence indicators delivered into Sentinel's threat intelligence, each carrying the malware, C2 and phishing context your analysts need to triage a match fast.
Learn moreFortiGate
Curated threat intelligence delivered straight into your FortiGate next-gen firewall. Block malicious domains, IPs and hashes from the console.
Learn moreStandards & delivery
Wire up almost any tool over open, widely-supported formats.
Get in touch
Need help with an integration?
We support most major SIEM and firewall products via STIX/TAXII, MISP and a REST API. Tell us what you run and we'll point you to the right delivery method or help you wire it up.