Demisto Enterprise integrates with a growing list of dozens of products, including security products as well as collaboration and notification platforms. By integrating with Demisto Enterprise, partners enable their products with the industry’s first Bot-powered security ChatOps platform for automating playbooks and response tasks, and detecting duplicate incidents.
Become a Partner
Demisto is a 100% channel company with great benefits for partners. Integrating with Demisto is also easy for security product partners, and the Demisto team will often do the heavy lifting. Join our technology and channel partner network and help us help you.
A thought leader in security automation and orchestration that provides managed security services programs for playbook development/tuning.
Blockade brings antivirus-like capabilities to users who run the Chrome browser, blocking malicious resources from being viewed or loaded inside of the browser.
Censys lets researchers find specific hosts and create aggregate reports on how devices, websites, and certificates are configured and deployed.
Cloudlock is a cloud-native CASB that helps protect your cloud users, data, and apps.
Cyber and IT security technologies and solutions that protect organisations against advanced persistent threats, malicious adversaries and internal malpractice.
Demisto integrates with Dell SecureWorks to enable ticket management with Dell’s Counter Threat Operations Center.
doIT solutions GmbH offers turnkey IT security and networking solutions and handles IT projects from the early stage to conception, implementation, and operation.
ICT services and solutions provider specialising in providing innovation and agility in security, risk management and governance.
Duo is a comprehensive security solution that confirms the identity of users and the health of their devices before they connect to your applications.
Demisto integrates with HubSpot for easier ingestion of contact details and automated enrollment of contacts into other workflows.
Micro Focus (specifically, ArcSight) integrates with Demisto through its ESM SIEM and events logger, allowing seamless creation and updating of events.
Palo Alto WildFire
Automate data enrichment and analysis with Demisto’s playbooks and Palo Alto Networks’ WildFire.
Performanta, the global purple tribe, delivering the bedrock of quality managed cyber security services and consulting to our customers, enabling them to do business safely.
Demisto playbooks use data collected by ProtectWise for hunting file, IP, domain and other indicators, enabling fast and accurate responses to incidents.
QRadar from IBM Security is an integrated analytics platform that streamlines critical capabilities into common workflows and helps increase analyst efficiency.
Demisto integrates with NetWitness to provide a logs and packets decoder and a security analytics system.
rSolutions is a leading cyber security firm strategically aligned with best of breed security vendors to assist clients in securing their enterprises.
Sayers provides customers with the right IT solutions, including cloud and virtualization, data center storage, security, mobility, and professional services.
SMSAM Systems Ltd.
Leading pan-African cybersecurity consultancy partnering with large financial services firms and businesses across other verticals.
Demisto integrates with Sumo Logic to provide a cloud-based service for logs and metrics management.
Cysec Cyber Security
Cysec specializes in information security and data communication, providing integration and consulting for a range of technologies.
ThreatExchange by Facebook
Learn more about threats & make your systems safer with the ThreatExchange API by Facebook, within Demisto playbooks.
Vectra AI uses data science, machine learning, and human proficiency to provide automated threat detection, triage and correlation 24/7 across the entire enterprise.
CrowdStrike Falcon Intel
Automatically check the reputation of files, URLs and IP addresses, query endpoints for rich forensics data and take actions back via Demisto playbooks.
Automatically enrich incident data with user risk score and complete session details from Exabeam and trigger responses to watchlist based on investigation.
Automatically check the threat intelligence of files and hashes with the Cylance Infinity API.
Active Directory Query
Query Active Directory for user, computer and other objects in real time from Demisto’s automated playbooks.
Carbon Black Enterprise Response
Query and take action across your enterprise using Carbon Black Live Response from Demisto’s playbooks.
Use Volatility to analyze memory dumps from infected systems as part of playbook automations or interactive ChatOps commands.
Automatically create incidents from the emails in a security mailbox. Custom parsers can trigger different types from the same mailbox.
Send notifications to Slack (direct messages and channels) for new incidents, assigned incidents and assigned tasks from Demisto Enterprise.
Automatically enrich incidents with latest intelligence from Threat Central for IP address, URL and other indicators.
Navilogic is a dedicated team of experienced, certified professionals with deep knowledge of enterprise and IT programs, services and technologies.
Blue Turtle is one of South Africa’s leading enterprise technology management companies, focused on IT and Service Management solutions.
Import critical alerts from McAfee ESM as incidents into Demisto Enterprise and automate response actions.
Automatically whitelist and blacklist web URLs in Forcepoint Triton from within Demisto playbooks.
Enrich all the indicators related to an incident with the relevant whois information automatically.
Automatically send notification emails for task assignment, incident assignment or other actions from Demisto Enterprise.
Check Point Firewall
Automatically update IOC blacklist and change firewall policy from Demisto Enterprise based on the incident investigation data.
Check the reputation of IP addresses, URLs and files using the IBM X-Force Exchange database from automated playbooks and the war-room.
Collect vulnerability data and initiate incidents upon discovery of major vulnerabilities in sensitive systems.
Use SSH and WMI to run actions on compromised endpoints via automated playbooks or from investigation war-room.
Carbon Black Enterprise Protection
Reduce risk and exposure by automating response to security incidents, using rich endpoint data from Carbon Black and automated playbooks from Demisto.
CrowdStrike Falcon Host
Automatically check the reputation of files, URLs and IP addresses, query endpoints for rich forensics data and take actions back via Demisto playbooks and from the investigation war-room.
Search and run queries against the Tanium server from playbooks or via the ChatOps-enabled war-room within Demisto Enterprise.
Import critical alerts as incidents and search for relevant data from Demisto Enterprise.
Zendesk Help Center
Integrated help with knowledge base articles available within the Demisto Enterprise product.
Collect high-severity alerts and run advanced queries against endpoints from the Demisto server.
Check the reputation of IP addresses, URLs and files using the VirusTotal database from automated playbooks and the war-room.
Create incidents from alarms in LogRhythm automatically and search for logs from within the Demisto interface.
Run custom and pre-defined queries against your Elasticsearch instance to look for IOCs, analyze logs or perform other tasks.
Active Directory Authentication
Query Active Directory for user and system details using different attributes such as email, username and system name.