Darktrace Integrations
Integrate anything
Any Cloud. Any SIEM. Any SOAR. Any VPN. Any SSE.
Any Workflow.
Through Darktrace's open architecture, it's easy to bring AI to your data, extend autonomous response, and view Darktrace intelligence wherever your teams need it.
Any Workflow.
Through Darktrace's open architecture, it's easy to bring AI to your data, extend autonomous response, and view Darktrace intelligence wherever your teams need it.
AWS
Detect and respond to cloud based threats across AWS services from EC2 to EKS and monitor administrative and resource management activity.
AWS Lambda
Take custom actions through invoked AWS Lambda functions to respond to any threat across your AWS footprint.
Azure
Detect and respond to cloud based threats across IaaS, PaaS, and control planes. Monitor M365 administration and access via AzureAD and cloud infrastructure resource management.
Azure Sentinel
Analyze Darktrace AI Analyst incidents and model breach alerts in Azure Sentinel.
Carbon Black
Enrich Darktrace AI decision-making with alerts from Carbon Black.
Check Point NGFW
Extend Darktrace autonomous response to Check Point firewalls.
Cisco ASA FirePOWER
Extend Darktrace autonomous response to Cisco firewalls.
Cisco FirePOWER Threat Defense
Extend Darktrace autonomous response to FirePOWER Threat Defense.
Cisco Meraki Firewall
Extend Darktrace autonomous response to Cisco Meraki firewalls.
Citrix TSA
Enrich Darktrace user tracking for Citrix Virtual Apps and Virtual Desktop users.
Cortex XSOAR
Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.
Crowdstrike Falcon
Enrich Darktrace AI decision-making with alerts from the Crowdstrike Falcon platform.
Cybereason EDR
Enrich Darktrace AI decision-making with alerts from Cybereason.
Duo
Detect and respond to threats from across the organization via Duo IAM.
Elastic Security
Analyze, correlate, and visualize Darktrace AI Analyst incidents and model breach alerts.
Endace
Deploy and host Darktrace sensors on EndaceProbes for increased forensic evidence and storage.
FortiSOAR
Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.
Fortigate Firewall
Extend Darktrace autonomous response to Fortigate firewalls.
Google Cloud Platform
Detect and respond to cloud based threats across VMs and containers and monitor administrative activity and resource management in GCP.
Google Workspace
Detect and respond to threats in Gmail, and monitor user activity, user management, file creation and sharing, and administrative events across Google Workspace apps.
Hunters SOC Platform
Integrate Darktrace with Hunters to allow triaging of Darktrace alerts and incidents via the Hunters console, as well as further investigating and correlating them to related threats
InsightConnect
Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.
InsightIDR
Analyze Darktrace AI Analyst incidents and model breach alerts in InsightIDR.
InsightVM
Enrich Darktrace detection and response with additional device information.
Jira
Create Jira issues for AI Analyst incidents, model breaches, and system health alerts.
Jumpcloud
Detect unusual administration and user activity within Jumpcloud.
Juniper Networks SRX
Extend Darktrace autonomous response to Juniper firewalls.
Keysight
Capture and direct cloud or on-prem traffic with ease for Darktrace analysis.
LogRhythm
Analyze Darktrace AI Analyst incidents and model breach alerts in LogRhythm.
Microsoft 365
Detect and respond to threats across M365 services, including Exchange, Sharepoint/OneDrive for Business, Dynamics, and Teams.
Microsoft Advanced Hunting
Enrich Darktrace detections with on-demand data for increased threat hunting context from the endpoint.
Microsoft Graph Security API
Enrich Darktrace detection with alerts from Microsoft Cloud App Security, the Microsoft Defender suite, Azure Information Protection, and Azure Identity Protection.
Netskope
Detect unusual user activity and threats in Netskope Next Gen Secure Web Gateway.
Okta
Detect and respond to threats from across the organization via Okta IAM.
Palo Alto GlobalProtect VPN
Enrich Darktrace user and device tracking for VPN.
Palo Alto Networks NGFW
Extend Darktrace autonomous response to Palo Alto firewalls.
QRadar
Analyze Darktrace AI Analyst incidents and model breach alerts in Qradar.
Salesforce
Detect unusual user behavior and resource actions in Salesforce.
ServiceNow SecOps
Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.
Siemplify
Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.
Slack Enterprise
Detect unusual administrative and user activity in Slack.
Splunk
Analyze Darktrace AI Analyst incidents and model breach alerts in CIM compatible Splunk dashboards, and poll Splunk data to enrich Darktrace modeling with additional contextual information.
Splunk SOAR
Leverage custom playbooks to orchestrate actions triggered by Darktrace AI Analyst incidents and model breaches. Automate commands to pull deeper information back from Darktrace.
Swimlane
Leverage custom playbooks to orchestrate actions triggered by Darktrace alerts.
Tenable.io
Enrich Darktrace AI decision-making with vulnerability data from Tenable.
Zoom
Detect and respond to unusual administrative and user activity in Zoom.
Zscaler Cloud Firewall
Extend Darktrace autonomous response to the Zscaler Cloud Firewall.
Zscaler Private Access
Monitor user connection activity to internal applications via ZPA.
Partnerships power integrations.
Darktrace Technology Partners benefit from access, guidance, and collaborative go-to-market.