TECHNOLOGY PARTNERS
RevealX™ Integrations
From streamlined analytics to response automation, together, we help you thrive
Integration Categories
AWS | Amazon Security Lake
Integrates context-rich RevealX detection data and network intelligence for a wide range of use cases.
Integrations
Investigation
Ansible
Enables faster automated deployment of RPCAP on Linux machines.
Integrations
Automation
RPCAP
Deployment
Aruba Networks | Clearpass
Automate containment of unauthorized devices in your network.
Integrations
Automation
Response
Atlassian | Jira
Automates ticket creation in Jira based on RevealX detections.
Integrations
Automation
Ticketing
Binary Defense | MDR
Provides ExtraHop MDR managed by Binary Defense.
MDR
Check Point | Smart-1
Integrates RevealX network telemetry and detection data for automated response on gateways.
Integrations
Automation
Response
Cisco | ISE
Automates containment, isolation, or communication abilities of devices in your network.
Integrations
Automation
Response
ISE
Cisco | Meraki NDR
Enables network-based containment powered by RevealX detection events.
Integrations
Automation
Response
Cisco | Meraki NPM
Allows Meraki NPM to consume RevealX metrics and alerts.
Integrations
Troubleshooting
CrowdStrike | Falcon
Provides real-time network telemetry for investigations and insights into network and on-host behavior.
Integrations
Automation
Response
EDR
CrowdStrike | LogScale
Allows LogScale to consume RevealX detection data and provides storage and querying for ExtraHop Records.
Integrations
Investigation
SIEM
CrowdStrike | Threat Intelligence
RevealX Detection capabilities are augmented by the inclusion of CrowdStrike Falcon® Adversary Intelligence Premium threat intelligence.
Integrations
Automation
Investigation
TI
Cubro
Provides packet aggregation and filtering for RevealX data feeds.
Integrations
Packet Aggregation
Packet Filtering
Datadog
Allows Datadog to consume RevealX detections and alerts.
Exabeam
Sends searchable RevealX detection data to Exabeam.
Integrations
SIEM
Investigation
F5 | LTM
F5 iRules allow session keys to be sent to RevealX for decryption of TLS traffic.
Integrations
Decryption
Forescout
Integrates RevealX detection data to automate containment of unauthorized devices in a network.
Integrations
Automation
Response
Fortinet | FortiGate
Enables FortiGate to automatically quarantine, block, or unblock devices in a network.
Integrations
Automation
Response
Garland
Provides network TAPs for RevealX data feeds.
Integrations
Network TAPs
Gigamon
Provides packet aggregation and filtering for RevealX data feeds.
Integrations
Packet Aggregation
Packet Filtering
Google | BigQuery
Scalable cloud solution for storing and querying ExtraHop Records.
Integrations
Investigation
Record Storage
Grafana
Allows Grafana to consume RevealX detections and metrics for querying, transformation, or dashboarding.
Integrations
Performance
HashiCorp | Terraform
Provisions and manages cloud infrastructure, including RevealX VMs.
Integrations
Provisioning
IBM | QRadar SIEM
Allows QRadar SIEM users to view detection data from RevealX to gain behavioral insights into network activity.
Integrations
SIEM
Investigation
QRadar
IBM | QRadar SOAR
Allows QRadar SOAR to consume RevealX detection data and provides support for playbooks.
Integrations
Investigation
Automation
Response
SOAR
QRadar
Keysight/Ixia
Provides packet aggregation and filtering for RevealX data feeds.
Integrations
Packet Aggregation
Packet Filtering
Kubernetes
Provides data and metadata for K8s environments.
MDR
LogRhythm
Allows RevealX to send detection data to LogRhythm SIEM in several formats.
Integrations
SIEM
Investigation
MISP Threat Sharing | (Send Detections to MISP)
Allows RevealX to send detections and alerts to MISP.
Integrations
MISP Threat Sharing | (Upload TI via Python)
Allows MISP threat intelligence feed to be consumed by RevealX.
Integrations
TI
Investigation
Microsoft | Active Directory
Included RevealX Dashboard tracks Kerberos server activity for Active Directory user and computer accounts.
Integrations
Kerberos
Active Directory
Microsoft | Defender ATP
Enables automated virus scanning or containment on endpoints via Microsoft Defender EDR.
Integrations
Automation
Investigation
Response
EDR
Microsoft | Microsoft 365
Enables RevealX users to examine events within Microsoft 365 that may suggest account or identity compromise.
Integrations
Monitoring
Microsoft | Power BI Desktop
Provides custom dashboards to visualize RevealX detections in Microsoft Sentinel.
Integrations
SIEM
Investigation
Microsoft | Protocol Decryption
Microsoft Server Agent provides private key forwarding to RevealX for protocol decryption.
Integrations
Decryption
Microsoft | Sentinel
Allows consumption of RevealX detection data for dashboards, custom alerts, and enhanced investigation.
Integrations
SIEM
Investigation
Microsoft | Teams
Enables RevealX NPM and NDR to monitor Teams network traffic for security and performance use cases.
Integrations
Performance
Monitoring
Security
Netskope | SASE
Allows RevealX to consume packet data from Netskope endpoints.
Integrations
Packets
SASE
Niagara Networks
Provides packet aggregation and filtering for RevealX data feeds.
Integrations
Packet Aggregation
Packet Filtering
Paessler | PRTG Network Monitor
Syncs active alarms on detection update events from PRTG to the RevealX detection card notes field.
Integrations
Investigation
PagerDuty
Allows RevealX detections and alerts to be consumed and analyzed.
Integrations
Investigation
Palo Alto Networks | Cortex XSOAR
Creates investigations, orchestrated responses, and more in Cortex XSOAR based on RevealX detections.
Integrations
SOAR
Automation
Response
Palo Alto Networks | Panorama
Enables quarantine of compromised devices based on RevealX detection data.
Integrations
Automation
Response
Red Canary | MDR
Allows Red Canary MDR to consume and analyze RevealX metrics.
MDR
SentinelOne | EDR
Provides the ability to request disconnection for a device that's an offender in a RevealX detection.
Integrations
Automation
Response
EDR
ServiceNow | Incident Creation
Automates ticket creation in ServiceNow from RevealX detections and alerts.
Integrations
Ticketing
ServiceNow | Service Graph Connector
Enables transformation of RevealX-discovered devices into ServiceNow CMDB tables.
Integrations
Investigation
Sophos
Enables internal and external quarantining of offenders in RevealX detections on Sophos Firewalls.
Integrations
Automation
Response
Splunk | SIEM
Allows collection of alerts, detections, DNS responses, and file share activity as well as dashboard creation.
Integrations
SIEM
Investigation
Splunk | SOAR
Allows Splunk SOAR users to initiate, automate, and orchestrate workflows with RevealX detection data and metrics.
SOAR
Integrations
Automation
Response
Sumo Logic
Sends RevealX detections to Sumo Logic for analysis and correlation as well as SIEM + SOAR use cases.
Integrations
Investigation
Symantec | EDR
Enables Symantec to contain endpoints based on RevealX detection data.
Integrations
Automation
Response
EDR
Tenable
Allows Tenable to consume RevealX detection data.
Integrations
Investigation
Tines.io | SOAR
Allows Tines SOAR users to automate workflows using RevealX detection data.
Integrations
SOAR
Automation
Response
Trellix | HX EDR
Enables Trellix HX EDR to contain endpoints based on RevealX detection data.
Integrations
Response
Automation
EDR
VMware | Carbon Black
RevealX detection data powers automated quarantine of offenders.
Integrations
Automation
Response
Technology Integration Types
Built-In
Simply click the partner tile to get started. Automatically send detections and metadata to your SIEM or SOAR. Receive encrypted traffic from your SSE.
Customizable
Use the ExtraHop bidirectional REST API to automate tasks. Automatically quarantine devices with XDR. Drive actions from insights to serve your specific needs.