We know how important it is for your security solutions to talk to each other. Darktrace was built with an open architecture, making integrations quick and simple. Find some common cases listed below. Custom integrations are available upon request.
Integrations with Darktrace/Apps
AWS
Detect and respond to cloud-based threats across AWS services from EC2 to EKS, and monitor administrative and resource management activity.
Detect and respond to cloud-based threats across IaaS, PaaS, and control planes. Monitor M365 administration and access via Azure AD and cloud infrastructure resource management.
Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.
Detect and respond to threats in Gmail, and monitor user activity, user management, file creation and sharing, and administrative events across Google Workspace apps.
Integrate Darktrace with Hunters to allow triaging of Darktrace alerts and incidents via the Hunters console, as well as further investigating and correlating them to related threats.
Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.
Enrich Darktrace detection with alerts from Microsoft Cloud App Security, the Microsoft Defender suite, Azure Information Protection, and Azure Identity Protection.
Analyze Darktrace AI Analyst incidents and model breach alerts in CIM-compatible Splunk dashboards, and poll Splunk data to enrich Darktrace modeling with additional contextual information.
Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.