NEW

2024 True Cost of a Security Breach

Arrow pointing right
ExtraHop Logo
  • Productschevron right
  • Solutionschevron right
  • Why ExtraHopchevron right
  • Blogchevron right
  • Resourceschevron right

TECHNOLOGY PARTNERS

RevealX™ Integrations

From streamlined analytics to response automation, together, we help you thrive

filter iconIntegration Categories

AWS | Amazon Security Lake

Send RevealX detection data and network intelligence enabling a wide range of use cases.

Ansible

Enables faster automated deployment of RPCAP on Linux machines.

Automation
Deployment

Aruba Networks | Clearpass

Automate containment of unauthorized devices in your network.

Automation

Atlassian | Jira

Automates Jira ticket creation based on RevealX detections.

Automation
Ticketing

Binary Defense | MDR

Provides ExtraHop MDR managed by Binary Defense.

Check Point | Smart-1

Integrates RevealX network telemetry and detection data for automated response on gateways.

Automation

Cisco | ISE

Automates containment, isolation, or communication abilities of devices in your network.

Automation

Cisco | Meraki NDR

Enables network-based containment powered by RevealX detection events.

Automation

Cisco | Meraki NPM

Send ExtraHop metrics and alerts to Meraki NPM.

Crowdstrike | Falcon

Provides real-time network telemetry for investigations and insights into network behavior.

Automation
EDR

Crowdstrike | LogScale

Sends RevealX detection data to LogScale and provides storage for querying ExtraHop Records.

SIEM

Crowdstrike | Threat Intelligence

RevealX detections are enriched by CrowdStrike Falcon® Adversary Intelligence Premium threat intelligence.

Automation
Threat Intel

Cubro

Provides packet aggregation and filtering to RevealX Sensors.

Packet Aggregation

DataDog

Send RevealX detection data to DataDog for searching.

Exabeam

Send RevealX detection data to Exabeam for searching.

SIEM

F5 | LTM

Provides TLS traffic decryption using F5 iRules.

Decryption

Forescout

Integrates RevealX detection data automate containment unauthorized devices in a network.

Automation

Fortinet | Fortigate

Enables Fortigate to automatically quarantine, block, or unblock devices in a network.

Automation

Garland

Provides packet aggregation and filtering to RevealX Sensors.

Gigamon

Provides packet aggregation and filtering to RevealX Sensors.

Packet Aggregation

Google | BigQuery

Scaleable cloud solution for storing and querying ExtraHop Records.

Grafana

Allows Grafana to consume RevealX detections and metrics for querying, transformation, or dashboarding.

HashiCorp | Terraform

Provisions and manages cloud infrastructure, including RevealX VMs.

IBM | QRadar SIEM

Send RevealX detection data to QRadar SIEM for seaching.

SIEM

IBM | QRadar SOAR

Send RevealX detection data to QRadar SOAR and provide support for playbooks.

Automation

KeySight/IXIA

Provides packet aggregation and filtering to RevealX Sensors.

Packet Aggregation

Kubernetes

Provides data and metadata for K8s environments.

LogRhythm

Send RevealX detection data to LogRhythm SIEM in several formats.

SIEM

MISP Threat Sharing | (Send Detections to MISP)

Send RevealX detection data and alerts to MISP.

MISP Threat Sharing | (Upload TI via Python)

Import MISP threat intelligence feed into RevealX.

Threat Intel

Microsoft | Active Directory

Included RevealX Dashboard tracks Kerberos server activity for Active Directory user and computer accounts.

Microsoft | Defender ATP

Enables automated virus scanning or containment via Microsoft Defender for Endpoint.

Automation
EDR

Microsoft | Microsoft 365

Generate RevealX detections from Microsoft 365 events.

Microsoft | Power BI Desktop

Custom dashboards to visualize RevealX detections in Microsoft Power BI Desktop.

SIEM

Microsoft | Protocol Decryption

Decrypt Kerberos or NTLM exchanges and protocols encrypted via LDAP, MSRPC, SMB 3 and WSMAN.

Decryption

Microsoft | Sentinel

Send RevealX detection data to Microsoft Sentinel for dashboarding, alerting, and enhanced investigation.

SIEM

Microsoft | Teams

Enables RevealX NPM and NDR to monitor Teams network traffic for security and performance use cases.

Netskope | SASE

Ingest packets from Netskope to detect threats, discover devices, and gain insight into traffic.

SASE

Niagra Networks

Provides packet aggregation and filtering to RevealX Sensors.

Packet Aggregation

Paessler | PRTG Network Monitor

Syncs active alarms on detection update events from PRTG to the RevealX detection card notes field.

PagerDuty

Send RevealX detection data to PagerDuty.

Palo Alto Networks | Cortex XSOAR

Creates investigations, orchestrated responses, and more in Cortex XSOAR based on RevealX detections.

SOAR
Automation

Palo Alto Networks | Panorama

Enables quarantine of compromised devices based on RevealX detection data.

Automation
Firewalls

Red Canary | MDR

Allows Red Canary MDR to consume and analyze RevealX metrics.

SentinelOne | EDR

Disconnect a device that's an offender in a RevealX detection.

Automation
EDR

ServiceNow | Incident Creation

Automates ticket creation in ServiceNow from RevealX detections and alerts.

Ticketing

ServiceNow | Service Graph Connector

Enables transformation of RevealX discovered devices into ServiceNow CMDB tables.

Sophos

Enables internal and external quarantining of offenders in RevealX detections on Sophos Firewalls.

Automation
Firewalls

Splunk | SIEM

Send RevealX detection and alert data to a Splunk HEC or SysLog receiver.

SIEM

Splunk | SOAR

Intitate, automate, and orchestrate workflows with RevealX detection data and metrics.

SOAR
Automation

Sumo Logic

Sends RevealX detections to Sumo Logic for analysis and correlation as well as SIEM + SOAR use cases.

Symantec | EDR

Enables Symantec to contain endpoints based on RevealX detection data.

Automation
EDR

Tenable

Allows Tenable to consume RevealX detection data.

Tines.io | SOAR

Allows Tines SOAR users to automate workflows using RevealX detection data.

SOAR
Automation

Trellix | HX EDR

Enables Trellix HX EDR to contain endpoints based on RevealX detection data.

Automation
EDR

VMware | Carbon Black

RevealX detection data powers automated quarantine of offenders.

Automation
EDR

Technology Integration Types

Built in icon
Built-In

Simply click the partner tile to get started. Automatically send detections and metadata to your SIEM or SOAR. Receive encrypted traffic from your SSE.

Customize icon
Customizable

Use the ExtraHop bidirectional REST API to automate tasks. Automatically quarantine devices with XDR. Drive actions from insights to serve your specific needs.

Solve tough challenges with seamless solutions


We believe the future of IT lies in strong technical integrations that make use of all four data sources crucial to Open IT Operational Architecture.


Want to join us?
Built-in CrowdStrike Threat Intelligence, Falcon LogScale Record Storage, and More
Zero Trust Integration from ExtraHop and Netskope Gives Security Teams Visibility into SSE Tunnels
ExtraHop Partner Program

Interested in becoming an ExtraHop Partner?

Combine your security expertise, compelling services, and ExtraHop NDR.

We believe strong partnerships are key to delivering the secure, high performance enterprises our customers—and yours—deserve. Reach out to get started!
Become a partner