Choose a layout and drag widgets onto your Overview Page to customize it. Widgets placed on the page below can be configured by selecting the symbol.
Loading...
| Vendor Name | Interoperablity Description |
|---|---|
| Active Directory Authentication | Query active directory for user and system details using different attributes like email, username, system name etc. |
| Active Directory Query | Query active directory for user, computer and other objects in real time from RSA NetWitness Orchestrator's automated playbooks. |
| AlgoSec | RSA NetWitness Orchestrator integrates with AlgoSec BusinessFlow, Firewall Analyzer, and FireFlow. |
| AlienVault OTX | RSA NetWitness Orchestrator integrates with AlienVault OTX to enable data enrichment and IOC hunting. |
| Amazon Web Services | RSA NetWitness Orchestrator integrates with AWS for managing images, snapshots, and instances. |
| Anomali | RSA NetWitness Orchestrator integrates with ThreatStream for forensics and malware analysis. |
| Blockade | Blockade brings antivirus-like capabilities to users who run the Chrome browser, blocking malicious resources from being viewed or loaded inside of the browser. |
| Blue Turtle | Blue Turtle is one of South Africa’s leading enterprise technology management companies, focused on IT and Service Management solutions. |
| BMC RemedyOnDemand | RSA NetWitness Orchestrator integrates with RemedyOnDemand for ticket management. |
| Box | RSA NetWitness Orchestrator integrates with Box to manage Box users. |
| Carbon Black Defense | Next-generation antivirus + EDR in one cloud-delivered platform that stops range of malware and non-malware attacks. |
| Carbon Black Enterprise Protection | Reduced risk and exposure by automating response to security incidents and using rich endpoint data from Carbon Black and automated playbooks from RSA NetWitness Orchestrator. |
| Carbon Black Enterprise Response | Query and take action across your enterprise using Carbon Black Live Response from RSA NetWitness Orchestrator's playbooks. |
| Censys | Censys lets researchers find specific hosts and create aggregate reports on how devices, websites, and certificates are configured and deployed. |
| Check Point Firewall | Automatically update IOC blacklist and change firewall policy from RSA NetWitness Orchestrator Enterprise based on the incident investigation data. |
| Check Point SandBlast | RSA NetWitness Orchestrator integrates with Check Point SandBlast to help prevent malware and zero-day attacks. |
| Check Point SandBlast Appliance | This integration allows you to query, upload and download data using Check Point Sandblast on a local gateway. |
| Cisco AMP | AMP continuously analyzes file activity across your extended network, so you can quickly detect, contain, and remove advanced malware. |
| Cisco CloudLock | Cloudlock is a cloud-native CASB that helps protect your cloud users, data, and apps. |
| Cisco Email Security | RSA NetWitness Orchestrator integrates with Cisco Email Security to protect against ransomware, business email compromise, spoofing, and phishing. |
| Cisco Meraki | RSA NetWitness Orchestrator integrates with Cisco Meraki for device and firewall management. |
| Cisco Spark | RSA NetWitness Orchestrator integrates with messaging platform Cisco Spark for user and team management. |
| Cisco Threat Grid | Threat Grid combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. |
| Cisco Umbrella Investigate | Cisco Umbrella Investigate provides a complete view of Internet domains, IP addresses, and systems to pinpoint attackers’ infrastructures and predict future threats. |
| Confer | Collect alerts from Confer and create incidents inside of RSA NetWitness Orchestrator. |
| Credence Security | Cyber and IT security technologies and solutions that protect organisations against advanced persistent threats, malicious adversaries and internal malpractice. |
| CrowdStrike Falcon Host | Automatically check reputation of files, URL and IP addresses, query endpoint for rich forensics data and take actions back via RSA NetWitness Orchestrator playbooks and from investigation war-room. |
| CrowdStrike Falcon Intel | Automatically check reputation of files, URL and IP addresses, query endpoint for rich forensics data and take actions back via RSA NetWitness Orchestrator playbooks. |
| CrowdStrike Falcon Streaming | RSA NetWitness Orchestrator integrates with the Falcon Streaming API to provide a constant source of information for real-time threat detection and prevention. |
| Cuckoo | Analyze malware using the open source Cuckoo sandbox via automated playbooks. |
| CVE Search | RSA NetWitness Orchestrator integrates with CVE Search for vulnerability management. |
| CyberArk | RSA NetWitness Orchestrator integrates with CyberArk Application Identity Manager for accounts and credentials. |
| Cybereason | This integration enables search for connections and processes on Cybereason. |
| Cylance | Automatically check the threat intelligence of files and hashes with the Cylance Inifinity API. |
| Cylance | RSA NetWitness Orchestrator integrates with Cylance Infinity for threat intelligence. |
| Cysec Cyber Security | Cysec specializes in information security and data communication, providing integration and consulting for a range of technologies. |
| Dell SecureWorks | RSA NetWitness Orchestrator integrates with Dell SecureWorks to enable ticket management with Dell's Counter Threat Operations Center. |
| Digital Shadows | Digital Shadows monitors and manages an organization's digital risk across the widest range of data sources within the open, deep, and dark web. |
| doIT Solutions | doIT solutions GmbH offers turnkey IT security and networking solutions and handle IT projects from the early stage to conception, implementation, and operation. |
| Domain Tools | Query cyber threat intelligence data about domains, IP and URLs from DomainTools. |
| DRS | ICT services and solutions provider specialising in providing innovation and agility in security, risk management and governance. |
| Duo Access | Duo is a comprehensive security solution confirms the identity of users and health of their devices before they connect to your applications. |
| DynTek | Optimizing your enterprise through the convergence of business and IT strategy. |
| Elasticsearch | Run custom and pre-defined queries against your Elasticsearch instance to look for IOC, analyze logs or other tasks. |
| Endgame | Endgame enables endpoint protection built to stop advanced attacks before damage and loss occurs. |
| EWS | Search and delete malicious email using EWS API from within RSA NetWitness Orchestrator playbooks. |
| Exabeam | Automatically enrich incident data with user risk score and complete session details from Exabeam and trigger responses to watchlist based on investigation. |
| F5 Networks | RSA NetWitness Orchestrator integrates with F5 for firewall policy management. |
| Farsight Security | RSA NetWitness Orchestrator integrates with Farsight Security to access real-time and historical Passive Domain Name System data. |
| FireEye AX | RSA NetWitness Orchestrator integrates with FireEye AX for malware analysis. |
| FireEye iSight | RSA NetWitness Orchestrator integrates with FireEye iSight for threat intelligence. |
| Forcepoint CASB | RSA NetWitness Orchestrator integrates with Forcepoint CASB to provide visibility and control over sanctioned and unsanctioned cloud apps. |
| Forcepoint Triton | Automatically whitelist and blacklist web URLs in Forcepoint Triton from within RSA NetWitness Orchestrator playbooks. |
| Giphy | RSA NetWitness Orchestrator integrates with Giphy for displaying GIFs in the War Room to enhance discussions. |
| Google Apps | RSA NetWitness Orchestrator integrates with both GSuite and Admin API for authentication and messaging. |
| GRR | RSA NetWitness Orchestrator integrates with GRR to enable Rapid Response framework for investigations. |
| GuardiCore | RSA NetWitness Orchestrator integrates with GuardiCore to provide data center breach detection. |
| Guidance EnCase | RSA NetWitness Orchestrator integrates with EnCase to request scans of specific endpoints. |
| Have I Been Pwned? | RSA NetWitness Orchestrator integrates with Have I Been Pwned? to check whether emails or domains have been compromised in recent breaches. |
| IBM XFE | Check for reputation of IP addresses, URL and files using IBM X-Force exchange database from automated playbooks and war-room. |
| Icebrg | Icebrg reduces risk by accelerating threat detection, triage, and response to rapidly-evolving breaches across global networks. |
| iDefense | RSA NetWitness Orchestrator integrates with iDefense for contextual, timely, and actionable security intelligence. |
| Imperva | RSA NetWitness Orchestrator integrates with Incapsula to manage sites and IPs. |
| Intsights | IntSights delivers rapid, accurate cyberthreat intelligence and incident mitigation in real time. |
| ipinfo | RSA NetWitness Orchestrator integrates with the ipinfo.io API to get data about an IP address. |
| IsItPhishing | Collaborative web service that provides validation on whether a URL is a phishing page. |
| Jamf | RSA NetWitness Orchestrator integrates with Jamf for comprehensive device management. |
| Jira Software | RSA NetWitness Orchestrator integrates with Jira for ticket management. |
| Joe Security Sandbox | RSA NetWitness Orchestrator integrates with Joe Security Sandbox to automate detonation and malware analysis. |
| Kafka | Kafka is an open-source distributed streaming platform. |
| Kenna | Kenna is a Risk Intelligence & Vulnerability platform that enables InfoSec teams to prioritize and remediate vulnerabilities faster. |
| Koodous | Check Android app samples against the Koodous API using this integration. |
| Lastline Analyst | RSA NetWitness Orchestrator integrates with Lastline Analyst for advanced malware isolation and inspection. |
| Lockpath | RSA NetWitness Orchestrator integrates with Keylight, an enterprise GRC platform with tools for managing risk and compliance. |
| LogRhythm | Create incidents from alarms in Logrhythm automatically and search for logs from within RSA NetWitness Orchestrator interface. |
| Mail Listener | Automatically create incidents from the emails in a security mailbox. Custom parsers can trigger different types from same mailbox. |
| Mail Sender | Automatically send notification emails for task assignment, incident assignment or other actions from RSA NetWitness Orchestrator. |
| Malwr | Analyze files using the Malwr sandbox using this integration. |
| McAfee Active Response | RSA NetWitness Orchestrator integrates with McAfee Active Response for comprehensive endpoint detection and response. |
| McAfee Advanced Threat Defense | RSA NetWitness Orchestrator integrates with McAfee Advanced Threat Defense for protection against stealthy, zero-day malware. |
| McAfee DAM | RSA NetWitness Orchestrator integrates with McAfee Database Activity Monitoring for real-time, reliable protection for business-critical databases. |
| McAfee ePO | RSA NetWitness Orchestrator integrates with McAfee ePolicy Administrator for unified policy management. |
| McAfee ESM | Import critical alerts from McAFee ESM as incidents into RSA NetWitness Orchestrator and automate response actions. |
| McAfee NSM | RSA NetWitness Orchestrator integrates with McAfee NSM for simple, centralized control for distributed network security appliances. |
| McAfee Threat Intelligence Exchange | RSA NetWitness Orchestrator integrates with McAfee Threat Intelligence Exchange to optimize threat detection and response. |
| McAfee Web Gateway | McAfee Web Gateway delivers high-performance web security through an on-premises appliance that can be deployed both as dedicated hardware and a virtual machine. |
| Micro Focus | Micro Focus (specifically, ArcSight) integrates with RSA NetWitness Orchestrator through its ESM SIEM and events logger, allowing seamless creation and update of events. |
| Micro Focus Service Support Manager | RSA NetWitness Orchestrator integrates with Micro Focus Service Support Manager for automated IT Service Management. |
| Microsoft SQL Server | This integration enables queries to the MSSQL server. |
| Mimecast | RSA NetWitness Orchestrator integrates with Mimecast for unified email management. |
| MISP | RSA NetWitness Orchestrator integrates with the Malware Information Sharing Platform for threat information sharing. |
| Moloch | Moloch is a large scale, open source, full packet capturing, indexing, and database system. |
| MXToolBox | This integration enables access of MX records, DNS, blacklists and SMTP diagnostics in one integrated tool. |
| MySQL | Run SQL queries for gathering rich information against any MySQL database. |
| Navilogic | Navilogic is a dedicated team of experienced, certified professionals with deep knowledge of enterprise and IT programs, services and technologies. |
| Nessus | Nessus is a vulnerability scanner for auditors and security analysts by Tenable Network Security. |
| nmap | RSA NetWitness Orchestrator integrates with nmap to run scans with the given parameters. |
| Okta | RSA NetWitness Orchestrator integrates with Okta's cloud based identity management service. |
| OpenPhish | OpenPhish uses proprietary AI algorithms to automatically identify zero-day phishing sites and provide actionable, real-time threat intelligence. |
| OpsGenie | RSA NetWitness Orchestrator integrates with OpsGenie for alerting and incident management for Dev and Ops teams. |
| OPSWAT Metadefender | The Metadefender multi-scanning engine uses 30+ anti-malware engines to scan files for threats, significantly increasing malware detection. |
| OSXCollector | Collect rich forensics data from Mac OSX endpoints using the RSA NetWitness Orchestrator and OSXCollector integration. |
| PacketMail | |
| PagerDuty | Get user on call or trigger PagerDuty alerts from RSA NetWitness Orchestrator . |
| Palo Alto AutoFocus | RSA NetWitness Orchestrator integrates with AutoFocus for threat intelligence, analysis, and prevention workflows. |
| Palo Alto LightCyber Magna | RSA NetWitness Orchestrator's integration with LightCyber empowers you to stop active attackers and malware operating inside your network. |
| Palo Alto Panorama | RSA NetWitness Orchestrator integrates with Palo Alto Panorama for network security and firewall management. |
| Palo Alto WildFire | Automate data enrichment and analysis with RSA NetWitness Orchestrator's playbooks and Palo Alto Networks' WildFire. |
| Payload Security | RSA NetWitness Orchestrator integrates with VxStream Sandbox from Payload Security for fully automated malware analysis. |
| Performanta | Performanta, the global purple tribe, delivering the bedrock of quality managed cyber security services and consulting to our customers, enabling them to do business safely. |
| PhishMe | RSA NetWitness Orchestrator integrates with PhishMe for human-vetted, phishing-specific threat intelligence. |
| PhishTank | RSA NetWitness Orchestrator integrates with PhishTank to check URL reputation. |
| Pipl | Automatically search for people details based on various attributes like email. |
| PostgreSQL | This integration allows users to query the PostgreSQL database. |
| ProtectWise | RSA NetWitness Orchestrator playbooks use data collected by ProtectWise for hunting file, IP, domain and other indicators, enabling fast and accurate responses to incidents. |
| QRadar | QRadar from IBM Security is an integrated analytics platform that streamlines critical capabilities into common workflows and helps increase analyst efficiency. |
| Qualys | RSA NetWitness Orchestrator integrates with Qualys for network security and vulnerability management. |
| Rapid7 Nexpose | Collect vulnerability data and initiate incidents upon discovery of major vulnerabilities in sensitive systems. |
| Rekall | Conduct memory analysis using Rekall with real-time interactive ChatOps. |
| RemoteAccess | Use SSH and WMI to run actions on compromised endpoints via automated playbooks or from investigation war-room. |
| RiskIQ PassiveTotal | RSA NetWitness Orchestrator integrates with PassiveTotal from RiskIQ for threat infrastructure analysis from a variety of sources. |
| RSA Archer | RSA NetWitness Orchestrator integrates with RSA Archer for policy management. |
| RSA NetWitness | RSA provides an evolved SIEM and threat defense offering to overcome SOCs' biggest challenges through automation and response. |
| rSolutions | rSolutions is a leading cyber security firm strategically aligned with best of breed security vendors to assist clients in securing their enterprises. |
| Salesforce | RSA NetWitness Orchestrator integrates with Salesforce CRM Services for object management. |
| SAML | Single sign-on support for any SAML 2.0 supported provider. |
| Sayers | Sayers provides customers with the right IT solutions, including cloud and virtualization, data center storage, security, mobility, and professional services. |
| Secdo | Secdo's automated incident response platform hunts threats in real time and delivers an endpoint detection and response solution. |
| Secure Controls | SecureControls makes IT Security more effective, easier, and more efficient. |
| SentinelOne | Collect high severity alerts and run advanced queries against endpoints from RSA NetWitness Orchestrator server. |
| ServiceNow | Create and update tickets from RSA NetWitness Orchestrator playbooks automatically. |
| Shodan | Shodan is a search engine for Internet-connected devices integrated with RSA NetWitness Orchestrator for data enrichment. |
| Slack | Send notifications to Slack (direct messages and channels) for new incidents, assigned incidents and assigned tasks from RSA NetWitness Orchestrator. |
| SMSAM Systems | Leading pan-African cybersecurity consultancy partnering with large financial services firms and businesses across other verticals. |
| Splunk | Import critical alerts as incidents and search for relevant data from RSA NetWitness Orchestrator. |
| Sumo Logic | RSA NetWitness Orchestrator integrates with Sumo Logic to provide a cloud-based service for logs and metrics management. |
| Symantec ATP | RSA NetWitness Orchestrator integrates with Symantec ATP for advanced threat protection. |
| Symantec Endpoint Protection | Artificial intelligence fused with critical endpoint technologies deliver the most complete endpoint security on the planet. |
| Symantec MSS | Leverage the power of Symantec Managed Security Services for continual threat monitoring and 24x7 customized guidance. |
| Tanium | Search and run queries against Tanium server from playbooks or via ChatOps enabled war-room within RSA NetWitness Orchestrator. |
| TCPIPUtils | RSA NetWitness Orchestrator integrates with TCPIPUtils for comprehensive enrichment and reputation checks for domains, IPs, and providers. |
| Threat Central | Automatically enrich incidents with latest intelligence from Threat Central for IP address, URL and other indicators. |
| Threat Crowd | RSA NetWitness Orchestrator's integration with Threat Crowd enables report queries on a wide variety of indicators. |
| ThreatConnect | RSA NetWitness Orchestrator integrates with ThreatConnect to find threats, evaluate risk, and mitigate harm to your organization. |
| ThreatExchange by Facebook | Learn more about threats & make your systems safer with the ThreatExchange API by Facebook, within RSA NetWitness Orchestrator playbooks. |
| Trend Micro | RSA NetWitness Orchestrator integrates with Trend Micro to help eliminate security gaps across any user activity and endpoint. |
| Twilio | Twilio is a cloud communication platform for building messages applications at scale. |
| urlscan.io | RSA NetWitness Orchestrator integrates with urlscan.io to help scan websites for reputation. |
| Vectra | Vectra AI uses data science, machine learning, and human proficiency to provide automated threat detection, triage and correlation 24/7 across the entire enterprise. |
| Venafi | RSA NetWitness Orchestrator integrates with Venafi for key management and certificate management actions. |
| Verodin | This integration allows users to manage Verodin simulations and topology. |
| Virus Total | Check for reputation of IP addresses, URL and files using VirusTotal database from automated playbooks and war-room. |
| VMRay | RSA NetWitness Orchestrator integrates with VMRay for agentless threat analysis and detection. |
| VMWare vCenter Server | VMware vCenter Server is a centralized management application that lets you manage virtual machines and ESXi hosts centrally. |
| Volatility | Use volatility to analyze memory dumps for infected systems as part of playbook automations or interactive ChatOps commands. |
| Whois | Enrich all the indicators related to an incident with the relevant whois information automatically. |
| Zendesk Help Center | Integrated help with knowledge base articles available within RSA NetWitness Orchestrator. |
| Zscaler Cloud Security | Zscaler is a cloud security solution built for performance and flexible scalability. |
