Choose a layout and drag widgets onto your Overview Page to customize it. Widgets placed on the page below can be configured by selecting the symbol.
Loading...
Vendor Name | Interoperablity Description |
---|---|
Active Directory Authentication | Query active directory for user and system details using different attributes like email, username, system name etc. |
Active Directory Query | Query active directory for user, computer and other objects in real time from RSA NetWitness Orchestrator's automated playbooks. |
AlgoSec | RSA NetWitness Orchestrator integrates with AlgoSec BusinessFlow, Firewall Analyzer, and FireFlow. |
AlienVault OTX | RSA NetWitness Orchestrator integrates with AlienVault OTX to enable data enrichment and IOC hunting. |
Amazon Web Services | RSA NetWitness Orchestrator integrates with AWS for managing images, snapshots, and instances. |
Anomali | RSA NetWitness Orchestrator integrates with ThreatStream for forensics and malware analysis. |
Blockade | Blockade brings antivirus-like capabilities to users who run the Chrome browser, blocking malicious resources from being viewed or loaded inside of the browser. |
Blue Turtle | Blue Turtle is one of South Africa’s leading enterprise technology management companies, focused on IT and Service Management solutions. |
BMC RemedyOnDemand | RSA NetWitness Orchestrator integrates with RemedyOnDemand for ticket management. |
Box | RSA NetWitness Orchestrator integrates with Box to manage Box users. |
Carbon Black Defense | Next-generation antivirus + EDR in one cloud-delivered platform that stops range of malware and non-malware attacks. |
Carbon Black Enterprise Protection | Reduced risk and exposure by automating response to security incidents and using rich endpoint data from Carbon Black and automated playbooks from RSA NetWitness Orchestrator. |
Carbon Black Enterprise Response | Query and take action across your enterprise using Carbon Black Live Response from RSA NetWitness Orchestrator's playbooks. |
Censys | Censys lets researchers find specific hosts and create aggregate reports on how devices, websites, and certificates are configured and deployed. |
Check Point Firewall | Automatically update IOC blacklist and change firewall policy from RSA NetWitness Orchestrator Enterprise based on the incident investigation data. |
Check Point SandBlast | RSA NetWitness Orchestrator integrates with Check Point SandBlast to help prevent malware and zero-day attacks. |
Check Point SandBlast Appliance | This integration allows you to query, upload and download data using Check Point Sandblast on a local gateway. |
Cisco AMP | AMP continuously analyzes file activity across your extended network, so you can quickly detect, contain, and remove advanced malware. |
Cisco CloudLock | Cloudlock is a cloud-native CASB that helps protect your cloud users, data, and apps. |
Cisco Email Security | RSA NetWitness Orchestrator integrates with Cisco Email Security to protect against ransomware, business email compromise, spoofing, and phishing. |
Cisco Meraki | RSA NetWitness Orchestrator integrates with Cisco Meraki for device and firewall management. |
Cisco Spark | RSA NetWitness Orchestrator integrates with messaging platform Cisco Spark for user and team management. |
Cisco Threat Grid | Threat Grid combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. |
Cisco Umbrella Investigate | Cisco Umbrella Investigate provides a complete view of Internet domains, IP addresses, and systems to pinpoint attackers’ infrastructures and predict future threats. |
Confer | Collect alerts from Confer and create incidents inside of RSA NetWitness Orchestrator. |
Credence Security | Cyber and IT security technologies and solutions that protect organisations against advanced persistent threats, malicious adversaries and internal malpractice. |
CrowdStrike Falcon Host | Automatically check reputation of files, URL and IP addresses, query endpoint for rich forensics data and take actions back via RSA NetWitness Orchestrator playbooks and from investigation war-room. |
CrowdStrike Falcon Intel | Automatically check reputation of files, URL and IP addresses, query endpoint for rich forensics data and take actions back via RSA NetWitness Orchestrator playbooks. |
CrowdStrike Falcon Streaming | RSA NetWitness Orchestrator integrates with the Falcon Streaming API to provide a constant source of information for real-time threat detection and prevention. |
Cuckoo | Analyze malware using the open source Cuckoo sandbox via automated playbooks. |
CVE Search | RSA NetWitness Orchestrator integrates with CVE Search for vulnerability management. |
CyberArk | RSA NetWitness Orchestrator integrates with CyberArk Application Identity Manager for accounts and credentials. |
Cybereason | This integration enables search for connections and processes on Cybereason. |
Cylance | Automatically check the threat intelligence of files and hashes with the Cylance Inifinity API. |
Cylance | RSA NetWitness Orchestrator integrates with Cylance Infinity for threat intelligence. |
Cysec Cyber Security | Cysec specializes in information security and data communication, providing integration and consulting for a range of technologies. |
Dell SecureWorks | RSA NetWitness Orchestrator integrates with Dell SecureWorks to enable ticket management with Dell's Counter Threat Operations Center. |
Digital Shadows | Digital Shadows monitors and manages an organization's digital risk across the widest range of data sources within the open, deep, and dark web. |
doIT Solutions | doIT solutions GmbH offers turnkey IT security and networking solutions and handle IT projects from the early stage to conception, implementation, and operation. |
Domain Tools | Query cyber threat intelligence data about domains, IP and URLs from DomainTools. |
DRS | ICT services and solutions provider specialising in providing innovation and agility in security, risk management and governance. |
Duo Access | Duo is a comprehensive security solution confirms the identity of users and health of their devices before they connect to your applications. |
DynTek | Optimizing your enterprise through the convergence of business and IT strategy. |
Elasticsearch | Run custom and pre-defined queries against your Elasticsearch instance to look for IOC, analyze logs or other tasks. |
Endgame | Endgame enables endpoint protection built to stop advanced attacks before damage and loss occurs. |
EWS | Search and delete malicious email using EWS API from within RSA NetWitness Orchestrator playbooks. |
Exabeam | Automatically enrich incident data with user risk score and complete session details from Exabeam and trigger responses to watchlist based on investigation. |
F5 Networks | RSA NetWitness Orchestrator integrates with F5 for firewall policy management. |
Farsight Security | RSA NetWitness Orchestrator integrates with Farsight Security to access real-time and historical Passive Domain Name System data. |
FireEye AX | RSA NetWitness Orchestrator integrates with FireEye AX for malware analysis. |
FireEye iSight | RSA NetWitness Orchestrator integrates with FireEye iSight for threat intelligence. |
Forcepoint CASB | RSA NetWitness Orchestrator integrates with Forcepoint CASB to provide visibility and control over sanctioned and unsanctioned cloud apps. |
Forcepoint Triton | Automatically whitelist and blacklist web URLs in Forcepoint Triton from within RSA NetWitness Orchestrator playbooks. |
Giphy | RSA NetWitness Orchestrator integrates with Giphy for displaying GIFs in the War Room to enhance discussions. |
Google Apps | RSA NetWitness Orchestrator integrates with both GSuite and Admin API for authentication and messaging. |
GRR | RSA NetWitness Orchestrator integrates with GRR to enable Rapid Response framework for investigations. |
GuardiCore | RSA NetWitness Orchestrator integrates with GuardiCore to provide data center breach detection. |
Guidance EnCase | RSA NetWitness Orchestrator integrates with EnCase to request scans of specific endpoints. |
Have I Been Pwned? | RSA NetWitness Orchestrator integrates with Have I Been Pwned? to check whether emails or domains have been compromised in recent breaches. |
IBM XFE | Check for reputation of IP addresses, URL and files using IBM X-Force exchange database from automated playbooks and war-room. |
Icebrg | Icebrg reduces risk by accelerating threat detection, triage, and response to rapidly-evolving breaches across global networks. |
iDefense | RSA NetWitness Orchestrator integrates with iDefense for contextual, timely, and actionable security intelligence. |
Imperva | RSA NetWitness Orchestrator integrates with Incapsula to manage sites and IPs. |
Intsights | IntSights delivers rapid, accurate cyberthreat intelligence and incident mitigation in real time. |
ipinfo | RSA NetWitness Orchestrator integrates with the ipinfo.io API to get data about an IP address. |
IsItPhishing | Collaborative web service that provides validation on whether a URL is a phishing page. |
Jamf | RSA NetWitness Orchestrator integrates with Jamf for comprehensive device management. |
Jira Software | RSA NetWitness Orchestrator integrates with Jira for ticket management. |
Joe Security Sandbox | RSA NetWitness Orchestrator integrates with Joe Security Sandbox to automate detonation and malware analysis. |
Kafka | Kafka is an open-source distributed streaming platform. |
Kenna | Kenna is a Risk Intelligence & Vulnerability platform that enables InfoSec teams to prioritize and remediate vulnerabilities faster. |
Koodous | Check Android app samples against the Koodous API using this integration. |
Lastline Analyst | RSA NetWitness Orchestrator integrates with Lastline Analyst for advanced malware isolation and inspection. |
Lockpath | RSA NetWitness Orchestrator integrates with Keylight, an enterprise GRC platform with tools for managing risk and compliance. |
LogRhythm | Create incidents from alarms in Logrhythm automatically and search for logs from within RSA NetWitness Orchestrator interface. |
Mail Listener | Automatically create incidents from the emails in a security mailbox. Custom parsers can trigger different types from same mailbox. |
Mail Sender | Automatically send notification emails for task assignment, incident assignment or other actions from RSA NetWitness Orchestrator. |
Malwr | Analyze files using the Malwr sandbox using this integration. |
McAfee Active Response | RSA NetWitness Orchestrator integrates with McAfee Active Response for comprehensive endpoint detection and response. |
McAfee Advanced Threat Defense | RSA NetWitness Orchestrator integrates with McAfee Advanced Threat Defense for protection against stealthy, zero-day malware. |
McAfee DAM | RSA NetWitness Orchestrator integrates with McAfee Database Activity Monitoring for real-time, reliable protection for business-critical databases. |
McAfee ePO | RSA NetWitness Orchestrator integrates with McAfee ePolicy Administrator for unified policy management. |
McAfee ESM | Import critical alerts from McAFee ESM as incidents into RSA NetWitness Orchestrator and automate response actions. |
McAfee NSM | RSA NetWitness Orchestrator integrates with McAfee NSM for simple, centralized control for distributed network security appliances. |
McAfee Threat Intelligence Exchange | RSA NetWitness Orchestrator integrates with McAfee Threat Intelligence Exchange to optimize threat detection and response. |
McAfee Web Gateway | McAfee Web Gateway delivers high-performance web security through an on-premises appliance that can be deployed both as dedicated hardware and a virtual machine. |
Micro Focus | Micro Focus (specifically, ArcSight) integrates with RSA NetWitness Orchestrator through its ESM SIEM and events logger, allowing seamless creation and update of events. |
Micro Focus Service Support Manager | RSA NetWitness Orchestrator integrates with Micro Focus Service Support Manager for automated IT Service Management. |
Microsoft SQL Server | This integration enables queries to the MSSQL server. |
Mimecast | RSA NetWitness Orchestrator integrates with Mimecast for unified email management. |
MISP | RSA NetWitness Orchestrator integrates with the Malware Information Sharing Platform for threat information sharing. |
Moloch | Moloch is a large scale, open source, full packet capturing, indexing, and database system. |
MXToolBox | This integration enables access of MX records, DNS, blacklists and SMTP diagnostics in one integrated tool. |
MySQL | Run SQL queries for gathering rich information against any MySQL database. |
Navilogic | Navilogic is a dedicated team of experienced, certified professionals with deep knowledge of enterprise and IT programs, services and technologies. |
Nessus | Nessus is a vulnerability scanner for auditors and security analysts by Tenable Network Security. |
nmap | RSA NetWitness Orchestrator integrates with nmap to run scans with the given parameters. |
Okta | RSA NetWitness Orchestrator integrates with Okta's cloud based identity management service. |
OpenPhish | OpenPhish uses proprietary AI algorithms to automatically identify zero-day phishing sites and provide actionable, real-time threat intelligence. |
OpsGenie | RSA NetWitness Orchestrator integrates with OpsGenie for alerting and incident management for Dev and Ops teams. |
OPSWAT Metadefender | The Metadefender multi-scanning engine uses 30+ anti-malware engines to scan files for threats, significantly increasing malware detection. |
OSXCollector | Collect rich forensics data from Mac OSX endpoints using the RSA NetWitness Orchestrator and OSXCollector integration. |
PacketMail | |
PagerDuty | Get user on call or trigger PagerDuty alerts from RSA NetWitness Orchestrator . |
Palo Alto AutoFocus | RSA NetWitness Orchestrator integrates with AutoFocus for threat intelligence, analysis, and prevention workflows. |
Palo Alto LightCyber Magna | RSA NetWitness Orchestrator's integration with LightCyber empowers you to stop active attackers and malware operating inside your network. |
Palo Alto Panorama | RSA NetWitness Orchestrator integrates with Palo Alto Panorama for network security and firewall management. |
Palo Alto WildFire | Automate data enrichment and analysis with RSA NetWitness Orchestrator's playbooks and Palo Alto Networks' WildFire. |
Payload Security | RSA NetWitness Orchestrator integrates with VxStream Sandbox from Payload Security for fully automated malware analysis. |
Performanta | Performanta, the global purple tribe, delivering the bedrock of quality managed cyber security services and consulting to our customers, enabling them to do business safely. |
PhishMe | RSA NetWitness Orchestrator integrates with PhishMe for human-vetted, phishing-specific threat intelligence. |
PhishTank | RSA NetWitness Orchestrator integrates with PhishTank to check URL reputation. |
Pipl | Automatically search for people details based on various attributes like email. |
PostgreSQL | This integration allows users to query the PostgreSQL database. |
ProtectWise | RSA NetWitness Orchestrator playbooks use data collected by ProtectWise for hunting file, IP, domain and other indicators, enabling fast and accurate responses to incidents. |
QRadar | QRadar from IBM Security is an integrated analytics platform that streamlines critical capabilities into common workflows and helps increase analyst efficiency. |
Qualys | RSA NetWitness Orchestrator integrates with Qualys for network security and vulnerability management. |
Rapid7 Nexpose | Collect vulnerability data and initiate incidents upon discovery of major vulnerabilities in sensitive systems. |
Rekall | Conduct memory analysis using Rekall with real-time interactive ChatOps. |
RemoteAccess | Use SSH and WMI to run actions on compromised endpoints via automated playbooks or from investigation war-room. |
RiskIQ PassiveTotal | RSA NetWitness Orchestrator integrates with PassiveTotal from RiskIQ for threat infrastructure analysis from a variety of sources. |
RSA Archer | RSA NetWitness Orchestrator integrates with RSA Archer for policy management. |
RSA NetWitness | RSA provides an evolved SIEM and threat defense offering to overcome SOCs' biggest challenges through automation and response. |
rSolutions | rSolutions is a leading cyber security firm strategically aligned with best of breed security vendors to assist clients in securing their enterprises. |
Salesforce | RSA NetWitness Orchestrator integrates with Salesforce CRM Services for object management. |
SAML | Single sign-on support for any SAML 2.0 supported provider. |
Sayers | Sayers provides customers with the right IT solutions, including cloud and virtualization, data center storage, security, mobility, and professional services. |
Secdo | Secdo's automated incident response platform hunts threats in real time and delivers an endpoint detection and response solution. |
Secure Controls | SecureControls makes IT Security more effective, easier, and more efficient. |
SentinelOne | Collect high severity alerts and run advanced queries against endpoints from RSA NetWitness Orchestrator server. |
ServiceNow | Create and update tickets from RSA NetWitness Orchestrator playbooks automatically. |
Shodan | Shodan is a search engine for Internet-connected devices integrated with RSA NetWitness Orchestrator for data enrichment. |
Slack | Send notifications to Slack (direct messages and channels) for new incidents, assigned incidents and assigned tasks from RSA NetWitness Orchestrator. |
SMSAM Systems | Leading pan-African cybersecurity consultancy partnering with large financial services firms and businesses across other verticals. |
Splunk | Import critical alerts as incidents and search for relevant data from RSA NetWitness Orchestrator. |
Sumo Logic | RSA NetWitness Orchestrator integrates with Sumo Logic to provide a cloud-based service for logs and metrics management. |
Symantec ATP | RSA NetWitness Orchestrator integrates with Symantec ATP for advanced threat protection. |
Symantec Endpoint Protection | Artificial intelligence fused with critical endpoint technologies deliver the most complete endpoint security on the planet. |
Symantec MSS | Leverage the power of Symantec Managed Security Services for continual threat monitoring and 24x7 customized guidance. |
Tanium | Search and run queries against Tanium server from playbooks or via ChatOps enabled war-room within RSA NetWitness Orchestrator. |
TCPIPUtils | RSA NetWitness Orchestrator integrates with TCPIPUtils for comprehensive enrichment and reputation checks for domains, IPs, and providers. |
Threat Central | Automatically enrich incidents with latest intelligence from Threat Central for IP address, URL and other indicators. |
Threat Crowd | RSA NetWitness Orchestrator's integration with Threat Crowd enables report queries on a wide variety of indicators. |
ThreatConnect | RSA NetWitness Orchestrator integrates with ThreatConnect to find threats, evaluate risk, and mitigate harm to your organization. |
ThreatExchange by Facebook | Learn more about threats & make your systems safer with the ThreatExchange API by Facebook, within RSA NetWitness Orchestrator playbooks. |
Trend Micro | RSA NetWitness Orchestrator integrates with Trend Micro to help eliminate security gaps across any user activity and endpoint. |
Twilio | Twilio is a cloud communication platform for building messages applications at scale. |
urlscan.io | RSA NetWitness Orchestrator integrates with urlscan.io to help scan websites for reputation. |
Vectra | Vectra AI uses data science, machine learning, and human proficiency to provide automated threat detection, triage and correlation 24/7 across the entire enterprise. |
Venafi | RSA NetWitness Orchestrator integrates with Venafi for key management and certificate management actions. |
Verodin | This integration allows users to manage Verodin simulations and topology. |
Virus Total | Check for reputation of IP addresses, URL and files using VirusTotal database from automated playbooks and war-room. |
VMRay | RSA NetWitness Orchestrator integrates with VMRay for agentless threat analysis and detection. |
VMWare vCenter Server | VMware vCenter Server is a centralized management application that lets you manage virtual machines and ESXi hosts centrally. |
Volatility | Use volatility to analyze memory dumps for infected systems as part of playbook automations or interactive ChatOps commands. |
Whois | Enrich all the indicators related to an incident with the relevant whois information automatically. |
Zendesk Help Center | Integrated help with knowledge base articles available within RSA NetWitness Orchestrator. |
Zscaler Cloud Security | Zscaler is a cloud security solution built for performance and flexible scalability. |