TECHNOLOGY PARTNERS
RevealX™ Integrations
From streamlined analytics to response automation, together, we help you thrive
Integration Categories
AWS | Amazon Security Lake
Send RevealX detection data and network intelligence enabling a wide range of use cases.
Ansible
Enables faster automated deployment of RPCAP on Linux machines.
Automation
Deployment
Aruba Networks | Clearpass
Automate containment of unauthorized devices in your network.
Automation
Atlassian | Jira
Automates Jira ticket creation based on RevealX detections.
Automation
Ticketing
Binary Defense | MDR
Provides ExtraHop MDR managed by Binary Defense.
Check Point | Smart-1
Integrates RevealX network telemetry and detection data for automated response on gateways.
Automation
Cisco | ISE
Automates containment, isolation, or communication abilities of devices in your network.
Automation
Cisco | Meraki NDR
Enables network-based containment powered by RevealX detection events.
Automation
Cisco | Meraki NPM
Send ExtraHop metrics and alerts to Meraki NPM.
CrowdStrike | Falcon
Provides real-time network telemetry for investigations and insights into network behavior.
Automation
EDR
CrowdStrike | LogScale
Sends RevealX detection data to LogScale and provides storage for querying ExtraHop Records.
SIEM
CrowdStrike | Threat Intelligence
RevealX detections are enriched by CrowdStrike Falcon® Adversary Intelligence Premium threat intelligence.
Automation
Threat Intel
Cubro
Provides packet aggregation and filtering to RevealX Sensors.
Packet Aggregation
DataDog
Send RevealX detection data to DataDog for searching.
Exabeam
Send RevealX detection data to Exabeam for searching.
SIEM
F5 | LTM
Provides TLS traffic decryption using F5 iRules.
Decryption
Forescout
Integrates RevealX detection data to automate containment of unauthorized devices in a network.
Automation
Fortinet | Fortigate
Enables Fortigate to automatically quarantine, block, or unblock devices in a network.
Automation
Garland
Provides packet aggregation and filtering to RevealX Sensors.
Gigamon
Provides packet aggregation and filtering to RevealX Sensors.
Packet Aggregation
Google | BigQuery
Scalable cloud solution for storing and querying ExtraHop Records.
Grafana
Allows Grafana to consume RevealX detections and metrics for querying, transformation, or dashboarding.
HashiCorp | Terraform
Provisions and manages cloud infrastructure, including RevealX VMs.
IBM | QRadar SIEM
Send RevealX detection data to QRadar SIEM for searching.
SIEM
IBM | QRadar SOAR
Send RevealX detection data to QRadar SOAR and provide support for playbooks.
Automation
KeySight/IXIA
Provides packet aggregation and filtering to RevealX Sensors.
Packet Aggregation
Kubernetes
Provides data and metadata for K8s environments.
LogRhythm
Send RevealX detection data to LogRhythm SIEM in several formats.
SIEM
MISP Threat Sharing | (Send Detections to MISP)
Send RevealX detection data and alerts to MISP.
MISP Threat Sharing | (Upload TI via Python)
Import MISP threat intelligence feed into RevealX.
Threat Intel
Microsoft | Active Directory
Included RevealX Dashboard tracks Kerberos server activity for Active Directory user and computer accounts.
Microsoft | Defender ATP
Enables automated virus scanning or containment via Microsoft Defender for Endpoint.
Automation
EDR
Microsoft | Microsoft 365
Generate RevealX detections from Microsoft 365 events.
Microsoft | Power BI Desktop
Custom dashboards to visualize RevealX detections in Microsoft Power BI Desktop.
SIEM
Microsoft | Protocol Decryption
Decrypt Kerberos or NTLM exchanges and protocols encrypted via LDAP, MSRPC, SMB 3 and WSMAN.
Decryption
Microsoft | Sentinel
Send RevealX detection data to Microsoft Sentinel for dashboarding, alerting, and enhanced investigation.
SIEM
Microsoft | Teams
Enables RevealX NPM and NDR to monitor Teams network traffic for security and performance use cases.
Netskope | SASE
Ingest packets from Netskope to detect threats, discover devices, and gain insight into traffic.
SASE
Niagara Networks
Provides packet aggregation and filtering to RevealX Sensors.
Packet Aggregation
Paessler | PRTG Network Monitor
Syncs active alarms on detection update events from PRTG to the RevealX detection card notes field.
PagerDuty
Send RevealX detection data to PagerDuty.
Palo Alto Networks | Cortex XSOAR
Creates investigations, orchestrated responses, and more in Cortex XSOAR based on RevealX detections.
SOAR
Automation
Palo Alto Networks | Panorama
Enables quarantine of compromised devices based on RevealX detection data.
Automation
Firewalls
Red Canary | MDR
Allows Red Canary MDR to consume and analyze RevealX metrics.
SentinelOne | EDR
Disconnect a device that's an offender in a RevealX detection.
Automation
EDR
ServiceNow | Incident Creation
Automates ticket creation in ServiceNow from RevealX detections and alerts.
Ticketing
ServiceNow | Service Graph Connector
Enables transformation of RevealX discovered devices into ServiceNow CMDB tables.
Sophos
Enables internal and external quarantining of offenders in RevealX detections on Sophos Firewalls.
Automation
Firewalls
Splunk | SIEM
Send RevealX detection and alert data to a Splunk HEC or SysLog receiver.
SIEM
Splunk | SOAR
Initiate, automate, and orchestrate workflows with RevealX detection data and metrics.
SOAR
Automation
Sumo Logic
Sends RevealX detections to Sumo Logic for analysis and correlation as well as SIEM + SOAR use cases.
Symantec | EDR
Enables Symantec to contain endpoints based on RevealX detection data.
Automation
EDR
Tenable
Allows Tenable to consume RevealX detection data.
Tines.io | SOAR
Allows Tines SOAR users to automate workflows using RevealX detection data.
SOAR
Automation
Trellix | HX EDR
Enables Trellix HX EDR to contain endpoints based on RevealX detection data.
Automation
EDR
VMware | Carbon Black
RevealX detection data powers automated quarantine of offenders.
Automation
EDR
Technology Integration Types
Built-In
Simply click the partner tile to get started. Automatically send detections and metadata to your SIEM or SOAR. Receive encrypted traffic from your SSE.
Customizable
Use the ExtraHop bidirectional REST API to automate tasks. Automatically quarantine devices with XDR. Drive actions from insights to serve your specific needs.