Darktrace/Endpoint Integrations

For every product, an integration

We know how important it is for your security solutions to talk to each other. Darktrace was built with an open architecture, making integrations quick and simple. Find some common cases listed below. Custom integrations are available upon request.

Integrations with Darktrace/Endpoint

Azure Sentinel

Analyze Darktrace AI Analyst incidents and model breach alerts in Azure Sentinel.

Carbon Black

Enrich Darktrace AI decision-making with alerts from Carbon Black.

Commvault Cloud

Enrich the Commvault platform with real time security insights from Darktrace Detect, so organizations can respond to threats reducing impact to their data

Cortex XSOAR

Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.

Crowdstrike Falcon

Enrich Darktrace AI decision-making with alerts from the Crowdstrike Falcon platform.

Cybereason EDR

Enrich Darktrace AI decision-making with alerts from Cybereason.

Elastic Security

Analyze, correlate, and visualize Darktrace AI Analyst incidents and model breach alerts.

FortiSOAR

Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.

Hunters SOC Platform

Integrate Darktrace with Hunters to allow triaging of Darktrace alerts and incidents via the Hunters console, as well as further investigating and correlating them to related threats

InsightConnect

Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.

InsightIDR

Analyze Darktrace AI Analyst incidents and model breach alerts in InsightIDR.

InsightVM

Enrich Darktrace detection and response with additional device information.

Jira

Create Jira issues for AI Analyst incidents, model breaches, and system health alerts.

LogRhythm

Analyze Darktrace AI Analyst incidents and model breach alerts in LogRhythm.

Microsoft Advanced Hunting

Enrich Darktrace detections with on-demand data for increased threat hunting context from the endpoint.

Microsoft Graph Security API

Enrich Darktrace detection with alerts from Microsoft Cloud App Security, the Microsoft Defender suite, Azure Information Protection, and Azure Identity Protection.

Microsoft Teams

Insert Darktrace alerting into Microsoft Teams channels.

QRadar

Analyze Darktrace AI Analyst incidents and model breach alerts in Qradar.

ServiceNow ITSM

Automate IT tasks in ITSM triggered by Darktrace alerts.

ServiceNow SecOps

Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.

Siemplify

Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.

Slack

Insert Darktrace alerting into a Slack channel or chat.

Splunk

Analyze Darktrace AI Analyst incidents and model breach alerts in CIM compatible Splunk dashboards, and poll Splunk data to enrich Darktrace modeling with additional contextual information.

Splunk SOAR

Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.

Swimlane

Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.

Tenable.io

Enrich Darktrace AI decision-making with vulnerability data from Tenable.

Tines

Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.