You can download a static list of currently available integrations to take away with you, or check out the Integrating your Tools page for the latest set of tools available for integration.
SOC.OS can integrate with any security tool that:
- Produces alerts (as opposed to event logs) in a machine-readable format such as CEF, LEEF, JSON, comma-delimited text, or a system-specific format.
- Can forward these alerts to the SOC.OS Agent via syslog, or offers an external API endpoint/stream that the SOC.OS cloud platform can collect alerts from.
That covers most security tools available on the market.
We often find users integrate their most frequently used tools first, then remember some additional tools they'd like to add later. As a reminder, this might include (but is not limited to):
- Next-Generation Firewalls (NGFW)
- Firewall Intrusion Detection Systems (IDS)
- Firewall Intrusion Protection Systems (IPS)
- Endpoint Detection, e.g. Antivirus (AV)
- Network Monitoring & Security Tools
- Cloud Monitoring & Security Tools
- Authentication Providers
- Email Security Providers
Don’t see your security tool listed? We’re constantly integrating with new security solutions.
Contact us at firstname.lastname@example.org about integrating with tools not listed here.