Technology Partners

Cybereason and Google Cloud have partnered to deliver the most powerful unified XDR solution available on the market today. XDR combines the petabyte-scale of Google Cloud with the Cybereason MalOp Engine in a single solution that delivers instant attack detection and guided incident response.

Cybereason and Microsoft have multiple integrations to help protect our increasingly connected world. In addition to protecting Windows endpoints, including legacy operating systems like XP & Server 2008+, Cybereason connects with Azure Cloud, Microsoft 365, Active Directory, and Exchange to deliver protection, detection, and response across your broader attack surface.

Cybereason and Slack have partnered on an XDR integration that can identify compromised Slack accounts, ensure that malware is not hosted or distributed via Slack, and automatically reach out to users with suspicious authentications to accelerate incident triage and investigations. The integration uniquely leverages Slack’s Security API, which feeds key data and activity to Cybereason XDR, and also enables analysts to modify Slack permissions from the Cybereason console.

Cybereason and Okta have partnered to help protect your employees and all the ways they work. XDR integrates with Okta to ingest authentication, access, and privileged user activity. In addition, alerts and context from ThreatInsight is fused with XDR context across email, endpoint, and network to provide an actionable attack view of any malicious operation (MalOp).

Cybereason and Netskope have partnered on an integration to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Netskope Web Proxy is fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including account takeover and use of compromised credentials.

Cybereason and ZScaler have partnered on an integration to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from ZScaler Web Proxy, VPN, and Firewall is fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including account takeover and use of compromised credentials.

Cybereason and Mimecast have partnered on an integration to extend protection, detection, and response to the many ways we work today. With XDR, data from Mimecast Email Protection is fused with broader endpoint, email, identity, and application activity to provide an actionable attack view of any malicious operation (MalOp), even if the attack weaves between data siloes or traverses from phishing email to endpoint compromise.

Cybereason and Proofpoint have partnered on an integration to extend protection, detection, and response to the many ways we work today. With XDR, data from Proofpoint Targeted Attack Protection (TAP) is fused with broader endpoint, email, identity, and application activity to provide an actionable attack view of any malicious operation (MalOp), even if the attack weaves between data siloes or traverses from phishing email to endpoint compromise.

Cybereason and Oracle have partnered to protect global enterprises against advanced cybersecurity threats at every endpoint and across the enterprise. Enterprise customers benefit from the Cybereason XDR Platform machine learning prevention, detection and automated remediation capabilities; Oracle Cloud Infrastructure (OCI) provides global scalability with microsecond latency and low costs.

Cybereason and Fortinet have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Fortigate Firewall & IPS is fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and Vectra have partnered on integrations to deliver a comprehensive view of threats across networks, endpoints, and the many ways we work today. With XDR, Vectra Cognito Detect signals are fused with endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and Splunk have partnered to provide analysts a unified, efficient workflow from threat triage to investigation and response. High fidelity data on MalOps (malicious operations) can be sent for further analysis and search in Splunk. Advanced response actions can be triggered and automated from within Splunk Phantom workflows.

Cybereason and Amazon have partnered to provide security teams with complete visibility, detection, and response across the modern IT enterprise. Through an integration wtih AWS CloudTrail, Cybereason XDR is able to identify signs of account takeover, anomalous access, and help teams quickly respond to malicious operations.

Cybereason and Palo Alto Networks have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Palo Alto IDS/IPS & Firewall technologies are fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and Darktrace have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Darktrace NDR is fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and Juniper Networks have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Juniper IDS/IPS & Firewall technologies are fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and F5 Networks have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from F5 Networks VPN, Web Application Firewalls, and Firewall are fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and Check Point have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Check Point IDS/IPS & Firewall technologies are fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and ThreatConnect have partnered on integrations to apply leading threat intelligence signals across the data, events, and behaviors identified by the Cybereason XDR Platform.

Cybereason and Symantec have partnered on integrations to deliver a comprehensive view of threats across clouds, endpoints, and the many ways we work today. With XDR, data from Symantec Web Proxy and DLP are fused with broader endpoint, email, identity, and application activity to identify subtle signs of malicious behavior, including lateral movement, suspicious network traffic, and signs of command & control.

Cybereason and IBM have partnered on an integration that allows customers to send high-fidelity data and insights into the QRadar SIEM console. Cybereason and IBM have partnered to offer a unified workflow by importing high fidelity data and enabling advanced response actions from within the Resilient SOAR workflow."

The Cybereason and FireEye Sandbox integration combines our threat detection and intelligence capabilities with FireEye sandboxing file analysis. The Sandbox application retrieves files associated with Cybereason malicious operations (Malops) and sends them to FireEye for analysis. The results are shared between the two platforms. For each MalOp, FireEye Detection on Demand (DOD) adds a comment with a URL linking to the FireEye analysis.

Cybereason and Sumo Logic have partnered on an integration that allows customers to send high-fidelity data and insights into the Sumo CloudSIEM console.

Cybereason and Rapid7 have partnered to enable analysts a unified, efficient workflow by automatically importing high fidelity, contextualized data into Rapid7 IDR SIEM.

Cybereason and Exabeam have partnered to enable analysts a unified, efficient workflow by automatically importing high fidelity, contextualized data into Exabeam UEBA.

Cybereason and ServiceNow have partnered to enable analysts a unified, efficient workflow by automatically importing high fidelity, contextualized data into ServiceNow ITSM.

Cybereason and Siemplify have partnered to offer a unified workflow by importing high fidelity data and enabling advanced response actions from within the Siemplify workflow.

Cybereason and DFLabs have partnered to offer a unified workflow by importing high fidelity data and enabling advanced response actions from within the DFLabs workflow.

Cybereason and LogicHub have partnered to offer a unified workflow by importing high fidelity data and enabling advanced response actions from within the LogicHub workflow.

Cybereason and Swimlane have partnered to offer a unified workflow by importing high fidelity data and enabling advanced response actions from within the Swimlane SOAR workflow.

Cybereason and SCADAfence have partnered to give endpoint controls alongside high-fidelity behavioral indicators of compromise across endpoints and operational network equipment.

Cybereason and EclecticIQ have partnered to optimize security workflows by synchronizing reputation feeds and enhancing detections of malicious activity.

With this integration, suspicious files and various indicators of compromise (IOC) can be easily uploaded to VirusTotal for security analysis.

The Polarity and Cybereason integration allows users to rapidly understand if anyone in their environment has been affected by malware.

Cybereason and ThreatQuotient have partnered to optimize security workflows by synchronizing reputation feeds and enhancing detections of malicious activity.

With this integration, get additional insights into SafeBreach as it runs attack simulations across your environment. You can quickly view the results of attack simulations run in SafeBreach, and how Cybereason detected or prevented these items. This helps you tune and better customize to your environment, and improve the quality and resilience of your cyber defenses.

Cybereason and AttackIQ have partnered to empower security teams to efficiently tune and optimize security controls, while getting complete visibility into potential blind spots.

With this integration, Cybereason sends endpoint telemetry to Axonius, adding context to your enterprise asset management workflows and strengthening overall security efficacy.

The Cybereason endpoint platform is certified by OPSWAT, enabling security and IT teams to better protect enterprise assets and adhere to compliance requirements.

Cybereason partners with MITRE in many ways, including participation in the MITRE Center for Threat-Informed Defense, active participation in the MITRE ATT&CK Evaluations, and direct mapping to the MITRE ATT&CK Framework across our XDR platform. When ingesting and enriching data across identity, email, endpoints, and clouds, behavioral data is identified and mapped to MITRE ATT&CK tactics and techniques. Our Attack Simulations often highlight MITRE Adversary Emulation Plans, and a mapping of our detections to the framework is available upon request.

Cybereason and ExtraHop have partnered to offer a unified workflow by auto enriching of security telemetry and extending response capabilities from within the ExtraHop console.

Ananda Networks provides an AI-based network fabric, enabling organizations to create their own private, high-performance, low-latency networks, connecting remote users and devices to applications in the data center or cloud with unparalleled speed, security, and simplicity.

Sevco is the cloud-native security asset management platform for enterprises that require an accurate IT inventory. Its patented telemetry technology creates a unified inventory that is updated continuously to deliver real-time asset intelligence and help security and IT teams identify and close their previously unknown security gaps.