Integration

We provide quick and easy out-of-the-box integration with many SIEM, SOAR, TIP, EDR, XDR, NGFW, and WAF solutions. The knowledge we produce is actionable to the extent that machines can facilitate end-to-end detection, prevention, and response.

FortiGate

FortiGate firewalls can be integrated directly with RST Threat Feed via API. The integration gives options to block or alert on access to malicious websites or IP addresses. It is seamless and requires no extra software to configure the firewalls.

Palo Alto NGFW

Palo Alto NGFW can be integrated directly with RST Threat Feed via API. The integration gives options to block or alert on access to malicious websites or IP addresses. It is seamless and requires no extra software to configure the firewalls.

IBM QRadar SIEM solution

RST Threat Feed is integrated with IBM QRadar SIEM via the RST Downloader agent. This agent automatically downloads all the required data and pushes it to the SIEM via API. There are options to filter indicators by score, type, malware, tags, etc.

Palo Alto Cortex XSOAR

Palo Alto Cortex XSOAR can be integrated directly with RST Threat Feed via API. The integration provides the ability to query the RST Cloud API directly from any playbook or through War Room commands.

Splunk Enterprise

RST Threat Feed is integrated with Splunk. The app is published on the official Splunk marketplace and automates downloading and maintaining the feeds in Splunk.

Microsoft Sentinel

RST Threat Feed is integrated with Microsoft Sentinel SIEM via a standard STIX/TAXII integration. There are options to filter indicators by score, type, malware, tags, etc.

Elastic SIEM

RST Threat Feed is integrated with the Elastic SIEM solution via a custom Elastic Filebeat/Agent configuration. There are options to filter indicators by score, type, malware, tags, etc.

MISP

RST Threat Feed is integrated with MISP via a Python script. There are options to filter indicators by score, type, malware, tags, etc.

ArcSight ESM/Logger SIEM solution

RST Threat Feed is integrated with ArcSight ESM/Logger solutions via the RST Downloader agent. There are options to filter indicators by score, type, malware, tags, etc.

OpenCTI

RST Threat Feed is natively integrated with OpenCTI via API.

Cisco Firepower

Cisco Firepower can be integrated directly with RST Threat Feed via API. The integration gives options to block or alert on access to malicious websites or IP addresses. It is seamless and requires no extra software to configure the firewalls.

LogRhythm Cloud SIEM

RST Threat Feed is integrated with LogRhythm via a standard STIX/TAXII integration. There are options to filter indicators by score, type, malware, tags, etc.