Integrations

RST Threat Feed has out-of-the-box integration with many SIEM and TIP solutions. Additionally, you can immediately integrate RST Threat Feed with NGFW solutions to provide your network perimeter with accurate information on current cyberthreats.

FortiGate

Fortigate firewalls can directly be integrated with RST Threat Feed via API. It gives options to block or alert on access to malicious websites or IP addresses. The integration is seamless and requires no extra software to be used to configure the firewalls.

Palo Alto NGFW

Palo Alto NGFW can directly be integrated with RST Threat Feed via API. It gives options to block or alert on access to malicious websites or IP addresses. The integration is seamless and requires no extra software to be used to configure the firewalls.

IBM Qradar SIEM solution

RST Thread Feed integrated with IBM Qradar SIEM via RST Downloder agent. This agent automatically downloads all the required data and pushes it to the SIEM via API. There are options to filter indicators through its score and types, malware, tags etc

Palo Alto Cortex XSOAR

Palo Alto Cortex XSOAR can directly be integrated with RST Threat Feed via API. It gives an ability to query RST Cloud API directly from any playbook or using the war room commands.

Cisco Firepower

Cisco Firepower can directly be integrated with RST Threat Feed via API. It gives options to block or alert on access to malicious websites or IP addresses. The integration is seamless and requires no extra software to be used to configure the firewalls.

Splunk Enterprise

RST Thread Feed integrated with Splunk. The app is published on the official Splunk marketplace and allows to automate downloading and maintenance of the feeds into Splunk.

Elastic SIEM

RST Thread Feed is integrated with Elastic SIEM solution via a custom elastic filebeat/agent configuration. There are options to filter indicators through its score and types, malware, tags etc

MISP

RST Thread Feed is integrated with MISP via a python script. There are options to filter indicators through its score and types, malware, tags etc

ArcSight ESM/Logger SIEM solution

RST Thread Feed is integrated with Arcsight ESM/Logger solutions via RST Downloder agent. There are options to filter indicators through its score and types, malware, tags etc

R-Vision TIP

RST Thread Feed is natively integrated with R-Vision TIP via API.

Technological partners

paloalto
uiners
defensys
r-vision