Apps

AbuseIPDB
AbuseIPDB app provides abuse IP check and malicious IP report integration using the REST API. You can also fetch the top AbuseIPDB blacklist and deploy it to your firewall.
SNR / MAE
2022-05-01

AhnLab EPP
AhnLab EPP app provides endpoint file search, file collection, Ahn report collection, V3 scan, suspicious behavior details, network quarantine, and exception rule management.
SNR / MAE
2022-04-17

Apache HTTP Server
Collect Apache HTTP server logs using SFTP, and monitor website traffic and web application attacks.
STD / ENT
2022-05-29

AWS
Logpresso AWS app provides observability for AWS infrastructure. It supports cyber threat detection, availability monitoring and cost calculation using AWS CloudTrail, CloudWatch, VPCFlow, EC2, IAM, ELB, and S3 API.
STD / ENT / SNR / MAE
2022-06-06

AXGATE NGFW
AXGATE NGFW app provides address object and security policy management using REST API.
SNR / MAE
2022-05-01

BLUEMAX NGF
Bluemax NGF app provides firewall policy and object management using REST API.
SNR / MAE
2022-08-30

Criminal IP
Criminal IP app provides an attack surface monitoring dashboard and playbook commands for detecting VPN, Tor, and proxy IP addresses.
STD / ENT / SNR / MAE
2022-08-19

FCTI
FCTI threat intelligence service provides information on IP addresses of interest, malware distribution sites, malware analysis results, vulnerability reports, DDoS alerts and security news.
SNR / MAE
2022-05-15

FireEye EX
FireEye EX app provides APT alerts, malicious email attachment acquisitions, and C2 server communication logs via the FireEye EX API.
SNR / MAE
2022-05-24

FireEye FX
FireEye FX app supports alert query, trace file download, scan status monitoring and control, YARA file upload, and status monitoring for the FX appliance and attached storage.
STD / ENT / SNR / MAE
2022-06-26

FireEye NX
FireEye NX app provides an APT dashboard, malware infection reports, flow details related to APT alerts, alert acknowledgement, and whitelist management.
STD / ENT / SNR / MAE
2022-04-16

FortiGate
FortiGate app provides firewall policy setting, traffic statistics, active session monitoring, IP blocking, and session termination via FortiGate REST API.
SNR / MAE
2022-05-11

Genian NAC
Genian NAC app provides endpoint network access control using tag management. It also provides an asset catalog, open ports, and vulnerability scan reports.
SNR / MAE
2022-05-01

Google Workspace
Google Workspace app provides audit logs and dashboard visualizations for accounts, OAuth token usage, Google Drive usage, and Google Meet usage.
STD / ENT / SNR / MAE
2022-10-18

insightVM
RAPID7 insightVM app provides asset database with vulnerability diagnosis history and risk score. It supports remote vulnerability scanner control.
STD / ENT / SNR / MAE
2022-05-15

Log4j2 Scanner
This app collects the output of log4j2-scan, a tool for scanning and resolving CVE-2021-44228 vulnerabilities, as syslog and visualizes the overall status.
STD / ENT
2022-08-12

Mail-i
Mail-i app provides an outbound mail dashboard for attachment monitoring, mail data loggers, and query command extensions using Elastic REST API calls.
STD / ENT / SNR / MAE
2022-05-15

malwares.com
malwares.com app provides analysis information about files, IP addresses and domains through the malwares.com REST API.
SNR / MAE
2022-09-08

Microsoft 365
Microsoft 365 app provides user account, file, and mail usage monitoring through the Microsoft 365 API, and detects unauthorized data access and leakage.
STD / ENT / SNR / MAE
2022-05-22

Microsoft Azure
Azure app provides activity log collection, metric monitoring, and cloud resource management via Microsoft Azure cloud API.
STD / ENT / SNR / MAE
2022-10-04

Naver Cloud
Naver Cloud app provides CSPM (Cloud Security Posture Management) for Naver Cloud using REST API of Cloud Activity Tracer, Cost And Usage, Server, and other services.
STD / ENT / SNR / MAE
2022-09-11

NetWitness
The RSA NetWitness app reassembles session logs by collecting meta entities via REST API. It provides dashboard, packet search, PCAP file download, and file content information.
STD / ENT / SNR / MAE
2022-05-19

Notion
Notion app provides extended query commands to query Notion users, pages, and blocks.
STD / ENT / SNR / MAE
2022-10-15

Office Scanner
Office Scanner app extracts text from MS Word and PowerPoint files.
SNR / MAE
2022-09-20

Palo Alto Networks NGFW
Palo Alto Networks NGFW app provides traffic log query and IP address blocking via the Panorama XML API.
SNR / MAE
2022-05-24

S2W Quaxar
S2W Quaxar app provides IoC feed, IoC search, attack surface management, threat report, security news, and vulnerability report dashboards.
STD / ENT / SNR / MAE
2022-07-07

Secudium Intelligence
Secudium Intelligence app provides IoC search, static or dynamic malware analysis, CVE database, WHOIS and security trend dashboard.
STD / ENT / SNR / MAE
2022-05-15

Splunk
Splunk app provides remote searches and monitoring for jobs, data inputs, saved searches, indexes, users, output syslog settings, apps, and license status.
STD / ENT / SNR / MAE
2022-07-17

Tanium
Tanium app provides real-time endpoint file browsing, evidence file download, event search, and action deployment.
SNR / MAE
2022-04-18

WebKeeper SG
WebKeeper app provides a dashboard, a logger for web proxy logs, and a query command extension using Elastic REST API calls.
STD / ENT / SNR / MAE
2022-05-15