| AS-CrowdstrikeAlerts-Integration | Standalone | 1 | 1 |
| AS-Datadog-Events-Integration | Standalone | 1 | 1 |
| AS-Edgescan-Integration-Assets | Standalone | 1 | 1 |
| AS-Edgescan-Integration-Hosts | Standalone | 1 | 1 |
| AS-Edgescan-Integration-Vulnerabilities | Standalone | 1 | 1 |
| AS-MuleSoft-Integration | Standalone | 1 | 1 |
| Atlassian Beacon Integration | Integration for Atlassian Beacon | 1 | 1 |
| AutoConnect-ASCSubscriptions | Standalone | 1 | 1 |
| Censys Ad-Hoc IOC Lookup | Censys | 1 | 7 |
| Censys Add Incident Comment | Censys | 1 | 3 |
| Censys Alert Enrichment | Censys | 1 | 3 |
| Censys Alert Rescan | Censys | 1 | 2 |
| Censys Entity Enrichment - Certificate | Censys | 1 | 1 |
| Censys Entity Enrichment - Host | Censys | 1 | 1 |
| Censys Entity Enrichment - Web Property | Censys | 1 | 1 |
| Censys Host History | Censys | 1 | 1 |
| Censys Incident Enrichment | Censys | 1 | 3 |
| Censys Related Infrastructure | Censys | 1 | 1 |
| Censys Rescan | Censys | 1 | 2 |
| Cyjax Ad Hoc Enrichment | Cyjax | 1 | 1 |
| Cyjax Data Breaches | Cyjax | 1 | 1 |
| Cyjax Domain Monitor | Cyjax | 1 | 1 |
| FileHash Enrichment - Virus Total Report - Alert Triggered | VirusTotal | 1 | 2 |
| FileHash Enrichment - Virus Total Report - Incident Triggered | VirusTotal | 1 | 2 |
| Get-AlertEntitiesEnrichment | GitHub Only | 0 | 1 |
| Get-MDEFileActivityWithin30Mins | GitHub Only | 1 | 1 |
| Get-MDEProcessActivityWithin30Mins | GitHub Only | 1 | 1 |
| Get-MerakiData-configurationChanges | Standalone | 1 | 1 |
| Get-MerakiData-OrgSecurityEvents | Standalone | 1 | 1 |
| Get-NamedLocations | GitHub Only | 1 | 1 |
| Get-O365Data | Standalone | 1 | 1 |
| Get-SecureScore-Information | GitHub Only | 1 | 6 |
| Get-TenableVlun | Standalone | 1 | 0 |
| GIBTIA_APT_ThreatActor | Group-IB | 1 | 3 |
| GIBTIA_APT_Threats | Group-IB | 1 | 4 |
| GIBTIA_Attacks_ddos | Group-IB | 1 | 3 |
| GIBTIA_Attacks_deface | Group-IB | 1 | 3 |
| GIBTIA_Attacks_phishing | Group-IB | 1 | 3 |
| GIBTIA_Attacks_phishing_kit | Group-IB | 1 | 3 |
| GIBTIA_BP_phishing | Group-IB | 1 | 4 |
| GIBTIA_BP_phishing_kit | Group-IB | 1 | 3 |
| GIBTIA_Compromised_account | Group-IB | 1 | 4 |
| GIBTIA_Compromised_card | Group-IB | 1 | 4 |
| GIBTIA_Compromised_imei | Group-IB | 1 | 4 |
| GIBTIA_Compromised_mule | Group-IB | 1 | 4 |
| GIBTIA_HI_Threat | Group-IB | 1 | 4 |
| GIBTIA_HI_Threat_Actor | Group-IB | 1 | 4 |
| GIBTIA_Malware_cnc | Group-IB | 1 | 4 |
| GIBTIA_Malware_Targeted_Malware | Group-IB | 1 | 4 |
| GIBTIA_OSI_GitLeak | Group-IB | 1 | 4 |
| GIBTIA_OSI_PublicLeak | Group-IB | 1 | 4 |
| GIBTIA_OSI_Vulnerability | Group-IB | 1 | 4 |
| GIBTIA_Suspicious_ip_open_proxy | Group-IB | 1 | 4 |
| GIBTIA_Suspicious_ip_socks_proxy | Group-IB | 1 | 4 |
| GIBTIA_Suspicious_ip_tor_node | Group-IB | 1 | 4 |
| GreyNoise-IP-CommunityEnrichment | Standalone | 1 | 2 |
| GreyNoise-IP-Enrichment | Standalone | 1 | 2 |
| Guardicore-Import-Assets | Standalone | 1 | 1 |
| Guardicore-Import-Incidents | Standalone | 1 | 1 |
| Infoblox SOC Get Insight Details | Infoblox SOC Insights | 1 | 5 |
| Infoblox SOC Get Open Insights API | Infoblox SOC Insights | 1 | 0 |
| Infoblox-Config-Insight-Details | Infoblox | 1 | 0 |
| Infoblox-Config-Insights | Infoblox | 1 | 1 |
| Infoblox-Get-Host-Name | Infoblox | 1 | 0 |
| Infoblox-Get-IP-Space-Data | Infoblox | 1 | 0 |
| Infoblox-Get-Service-Name | Infoblox | 1 | 1 |
| Infoblox-SOC-Get-Insight-Details | Infoblox | 1 | 5 |
| Infoblox-SOC-Get-Open-Insights-API | Infoblox | 1 | 0 |
| Infoblox-TIDE-Lookup | Infoblox | 1 | 1 |
| Ingest-Prisma | Standalone | 1 | 1 |
| IP Enrichment - Virus Total Report - Incident Triggered | VirusTotal | 1 | 2 |
| IP Enrichment - Virus Total Report - Alert Triggered | VirusTotal | 1 | 2 |
| OktaEvents-to-Sentinel | Standalone | 1 | 1 |
| Put CanaryTokens webhook alerts to Custom Logs table | Standalone | 1 | 1 |
| RecordedFuture-Alert-Importer | Recorded Future | 1 | 1 |
| RecordedFuture-Playbook-Alert-Importer | Recorded Future | 1 | 1 |
| RecordedFuture-ThreatMap-Importer | Recorded Future | 1 | 1 |
| RecordedFuture-ThreatMapMalware-Importer | Recorded Future | 1 | 1 |
| ReversingLabs-CheckQuota | ReversingLabs | 1 | 7 |
| RFI-lookup-and-save-user | Recorded Future Identity | 1 | 0 |
| RFI-Playbook-Alert-Importer-LAW | Recorded Future Identity | 1 | 2 |
| RFI-Playbook-Alert-Importer-LAW-Sentinel (DEPRECATED) | Recorded Future Identity | 1 | 1 |
| RFI-search-external-user | Recorded Future Identity | 1 | 1 |
| RFI-search-workforce-user | Recorded Future Identity | 1 | 2 |
| Rubrik File Object Context Analysis | RubrikSecurityCloud | 1 | 2 |
| Rubrik Retrieve User Intelligence Information | RubrikSecurityCloud | 1 | 2 |
| Search for Breaches - ShadowByte Aria | ShadowByte Aria | 1 | 1 |
| Send-UrlReport | Standalone | 1 | 1 |
| SlashNext Security Events for Microsoft Sentinel - Get customer incidents and log | SlashNext SIEM | 0 | 3 |
| SpyCloud Watachlist data - SpyCloud Enterprise | SpyCloud Enterprise Protection | 1 | 2 |
| Summarize Data for DNS Essentials Solution | DNS Essentials | 1 | 2 |
| Summarize Data for Network Session Essentials | Network Session Essentials | 1 | 9 |
| Summarize Web Session Data | Web Session Essentials | 1 | 4 |
| Team Cymru Scout Enrich Incident | Team Cymru Scout | 1 | 6 |
| Team Cymru Scout Live Investigation | Team Cymru Scout | 1 | 21 |
| Thinkst Canary Microsoft Sentinel Alert Integration | Standalone | 1 | 0 |
| URL Enrichment - Virus Total Domain Report - Alert Triggered | VirusTotal | 1 | 2 |
| URL Enrichment - Virus Total Domain Report - Incident Triggered | VirusTotal | 1 | 2 |
| URL Enrichment - Virus Total Report - Alert Triggered | VirusTotal | 1 | 2 |
| URL Enrichment - Virus Total Report - Incident Triggered | VirusTotal | 1 | 2 |
| Vaikora to Microsoft Defender for Cloud | VaikoraSecurityCenter | 1 | 1 |