TECHNOLOGY PARTNERS

RevealX™ Integrations

From streamlined analytics to response automation, together, we help you thrive

Integration Categories

AWS | Amazon Security Lake

Send RevealX detection data and network intelligence enabling a wide range of use cases.

Atlassian | Jira

Automates Jira ticket creation based on RevealX detections.

Ticketing
Automated Response

Binary Defense | MDR

Provides ExtraHop MDR managed by Binary Defense.

Check Point | Smart-1

Integrates RevealX network telemetry and detection data for automated response on gateways.

Automated Response

Cisco | ISE

Automates containment, isolation, or communication abilities of devices in your network.

Automated Response

Cisco | Meraki

Send ExtraHop detections and metrics to Meraki. Enable detections to automatically quarantine devices.

Automated Response

CrowdStrike | Falcon

Correlate network insights with endpoint details and threat intelligence. Automatically quarantine devices. Discover endpoints that do not yet have a CrowdStrike agent.

EDR
Automated Response

CrowdStrike | LogScale

Ingest RevealX network telemetry to enrich log data in LogScale. Store and query ExtraHop records.

Record Storage

CrowdStrike | Next-Gen SIEM

Ingest RevealX network telemetry to correlate insights with EDR, orchestrate data, and automate response with Falcon Foundry.

SIEM

CrowdStrike | Threat Intelligence

RevealX detections are enriched by CrowdStrike Falcon® Adversary Intelligence Premium threat intelligence.

Automated Response
Threat Intel

Cubro | Network Packet Brokers

Provides packet aggregation and filtering to RevealX Sensors.

Packet Aggregation

Datadog | Datadog

Send RevealX detection data to Datadog for searching.

SIEM

Exabeam | Security Operations Platform

Send RevealX detection data to Exabeam for searching.

SIEM

F5 | LTM

Provides TLS traffic decryption using F5 iRules.

Decryption

Forescout

Integrates RevealX detection data to automate containment of unauthorized devices in a network.

SIEM

Fortinet | FortiGate

Enables FortiGate to automatically quarantine, block, or unblock devices in a network.

Automated Response
Firewalls

Garland | Network Packet Brokers

Provides packet aggregation and filtering to RevealX sensors.

Gigamon | GigaVUE Network Taps

Provides packet aggregation and filtering to RevealX sensors.

Packet Aggregation

Google | BigQuery

Scalable cloud solution for storing and querying ExtraHop records.

Record Storage

Grafana

Allows Grafana to consume RevealX detections and metrics for querying, transformation, or dashboarding.

HashiCorp | Terraform

Provisions and manages cloud infrastructure, including RevealX VMs.

Hewlett Packard Enterprise | Aruba ClearPass Policy Manager

Automate containment of unauthorized devices in your network.

IBM | QRadar SIEM

Send RevealX detection data to QRadar SIEM (on-premises) for searching.

SIEM

Keysight | Network Packet Brokers

Provides packet aggregation and filtering to RevealX sensors.

Packet Aggregation

Kubernetes | Container Monitoring

Provides data and metadata for K8s environments.

MISP | Malware Information Sharing Platform

Import MISP threat intelligence feed into RevealX via Python. Send RevealX detection data and alerts to MISP.

Threat Intel

Microsoft | Defender for Endpoint

Enables automated virus scanning or containment via Microsoft Defender for Endpoint.

EDR
Automated Response

Microsoft | Entra ID

Track Kerberos server activity for Entra ID user and device accounts within the RevealX dashboard.

Microsoft | Microsoft 365

Generate RevealX detections from Microsoft 365 events.

Microsoft | Power BI Desktop

Visualize RevealX detections within Microsoft Power BI Desktop using custom dashboards.

SIEM

Microsoft | Protocol Decryption

Decrypt Kerberos or NTLM exchanges and protocols encrypted via LDAP, MSRPC, SMB 3 and WSMAN.

Decryption

Microsoft | Sentinel

Send RevealX detection data to Microsoft Sentinel for dashboarding, alerting, and enhanced investigation.

SIEM

Microsoft | Teams

Enables RevealX NPM and NDR to monitor Teams network traffic for security and performance use cases.

Netskope | Intelligent SSE

Ingest packets and session keys from Netskope to detect threats, discover devices, and gain insights into cloud traffic.

SASE

Niagara Networks | Network Packet Brokers

Provides packet aggregation and filtering to RevealX sensors.

Packet Aggregation

Paessler | PRTG Network Monitor

Syncs active alarms on detection update events from PRTG to the RevealX detection card notes field.

PagerDuty

Send RevealX detection data to PagerDuty.

Palo Alto Networks | Cortex XSOAR

Creates investigations, orchestrated responses, and more in Cortex XSOAR based on RevealX detections.

Automated Response
SOAR

Palo Alto Networks | Panorama

Quarantine compromised devices based on RevealX detection data.

Firewalls
Automated Response

Red Canary | MDR

Allows Red Canary MDR to consume and analyze RevealX metrics.

Red Hat | Ansible Automation Platform

Enables faster automated deployment of RPCAP on Linux machines.

SentinelOne | Singularity Endpoint

Quarantine compromised devices based on RevealX detection data.

EDR
Automated Response

ServiceNow | ITSM

Automates ticket creation in ServiceNow ITSM from RevealX detections and alerts.

Ticketing

ServiceNow | Service Graph Connector

Pull network telemetry into ServiceNow CMDB to enrich discovered device data and establish relationships between devices based on network traffic flow.

Slack

Send detections via webhook to Slack groups for instant messaging.

Sophos | Firewall

Quarantine compromised devices based on RevealX detection data.

Firewalls
Automated Response

Splunk | SOAR

Initiate, automate, and orchestrate workflows with RevealX detection data and metrics.

SOAR
Automated Response

Splunk | Splunk Enterprise and Splunk Cloud

Export RevealX detections and metrics about devices, device groups, applications, and networks to your SIEM.

SIEM

Sumo Logic

Sends RevealX detections to Sumo Logic for analysis and correlation as well as SIEM + SOAR use cases.

Symantec | EDR

Enables Symantec to contain endpoints based on RevealX detection data.

EDR
Automated Response

Tenable | One

Allows Tenable to consume RevealX detection data.

Tines.io | SOAR

Allows Tines SOAR users to automate workflows using RevealX detection data.

SOAR
Automated Response

Trellix | Endpoint Security

Quarantine endpoints based on RevealX detections.

EDR
Automated Response

VMware | Carbon Black EDR

Quarantine endpoints based on RevealX detections.

EDR
Automated Response

Technology Integration Types

Built-In

Simply click the partner tile to get started. Automatically send detections and metadata to your SIEM or SOAR. Receive encrypted traffic from your SSE.

Customizable

Use the ExtraHop bidirectional REST API to automate tasks. Automatically quarantine devices with XDR. Drive actions from insights to serve your specific needs.

Solve tough challenges with seamless solutions


We believe the future of IT lies in strong technical integrations that make use of all four data sources crucial to Open IT Operational Architecture.


Want to join us?
Built-in CrowdStrike Threat Intelligence, Falcon LogScale Record Storage, and More
Zero Trust Integration from ExtraHop and Netskope Gives Security Teams Visibility into SSE Tunnels
ExtraHop Partner Program

Interested in becoming an ExtraHop Partner?

Combine your security expertise, compelling services, and ExtraHop NDR.

We believe strong partnerships are key to delivering the secure, high performance enterprises our customers—and yours—deserve. Reach out to get started!
Become a partner