68 Integrations with Microsoft Sentinel
View a list of Microsoft Sentinel integrations and software that integrates with Microsoft Sentinel below. Compare the best Microsoft Sentinel integrations as well as features, ratings, user reviews, and pricing of software that integrates with Microsoft Sentinel. Here are the current Microsoft Sentinel integrations in 2025:
1
Zendesk
Zendesk
Zendesk is an AI-powered service solution that’s easy to set up, use, and scale. It works out-of-the-box and adapts quickly, enabling businesses to move faster. Built on billions of CX interactions, Zendesk AI supports the whole service journey—from self-service to agents to admins—helping teams resolve issues faster and operate efficiently at scale. Zendesk empowers agents with tools, insights, and context to deliver personalized service on any channel—social messaging, phone, or email. It unifies personalized conversations, omnichannel case management, AI workflows, automation, and a Marketplace of 1200+ apps. Easy to implement, it frees teams from relying on IT or costly partners. Serving over 130K global brands in 30+ languages, Zendesk simplifies business complexity to create meaningful customer connections. Headquartered in San Francisco, it operates worldwide.
Starting Price: $25/agent/month
2
AllSecureX
AllSecureX
AllSecureX is an AI-driven cyber risk quantification platform that translates cyber threats into clear business impact measured in real dollars. It provides organizations with a precise risk score and actionable insights without technical jargon, making cybersecurity understandable for executives. The platform leverages AllSecureXGPT for real-time answers to complex security questions and uses predictive modeling through its Pentagon Framework to aid strategic decision-making. Automated protection features reduce manual workload while strengthening defenses using AI, machine learning, and robotic process automation. AllSecureX covers a comprehensive range of security domains, including quantum-safe security, cloud, network, email, and third-party risk monitoring. It helps organizations transform cyber threats into business intelligence and bottom-line protection.
Starting Price: $30/month per digital asset
3
GoTo Meeting
GoTo
GoTo Meeting provides a fast, easy and reliable online meeting solution designed to power workforce productivity. Build better relationships and drive business outcomes by meeting face to face, sharing presentations and chatting with colleagues all with the click of a button. Leveraged by many of the largest companies around the world, GoTo Meeting is trusted by millions of people every day for professional real-time virtual communication and collaboration. Meet confidently with crystal clear audio and video over a simple and intuitive interface. GoTo Meeting Smart Assistant takes productivity to the next level with time saving features like meeting transcripts. GoTo Meeting mobile apps give you the power to meet seamlessly no matter where you are in the world.
Starting Price: $12.00/month
4
LinkedIn
LinkedIn
Welcome to your professional community. Find the right job or internship for you. LinkedIn is the world's largest social network for professionals. LinkedIn connects the world's professionals to make them more productive and successful. With more than 756 million members worldwide, including executives from every Fortune 500 company, LinkedIn is the world's largest professional network. The company has a diversified business model with revenue coming from Talent Solutions, Marketing Solutions, Sales Solutions and Premium Subscriptions products. Headquartered in Silicon Valley, LinkedIn has offices across the globe.
Starting Price: Free
5
Docusign
Docusign
Docusign is a cutting-edge cloud-based electronic signature solution that empowers companies of all sizes to send, sign, and manage agreements anytime, anywhere, and on any device. Trusted by more than 250,000 companies in 188 countries, Docusign enables users to sign various types of documents such as school permission slips, business contracts, agreements, and approvals. Docusign also enables users to send and sign documents in multiple languages and provides a mobile application for Android, iOS, and Windows devices. If your organization executes notarial acts, Docusign eNotary makes the notarization process fully digital for all parties involved: senders, signers, and notaries. It enables a Notary Public to act as an in-person witness to electronic signing of documents.
Starting Price: $10.00/month/user
6
GoTo Webinar
GoTo
GoTo Webinar erases the headache and hassle from webinars. No matter your goal or skill level, you’ll quickly see why so many love the GoTo Webinar platform. Go from preparing a webinar to presenting in fewer steps – and have a lot of fun along the way.
Starting Price: $49 per month
7
Microsoft Azure
Microsoft
Microsoft's Azure is a cloud computing platform that allows for rapid and secure application development, testing and management. Azure. Invent with purpose. Turn ideas into solutions with more than 100 services to build, deploy, and manage applications—in the cloud, on-premises, and at the edge—using the tools and frameworks of your choice. Continuous innovation from Microsoft supports your development today, and your product visions for tomorrow. With a commitment to open source, and support for all languages and frameworks, build how you want, and deploy where you want to. On-premises, in the cloud, and at the edge—we’ll meet you where you are. Integrate and manage your environments with services designed for hybrid cloud. Get security from the ground up, backed by a team of experts, and proactive compliance trusted by enterprises, governments, and startups. The cloud you can trust, with the numbers to prove it.
8
Amazon S3
Amazon
Amazon Simple Storage Service (Amazon S3) is an object storage service that offers industry-leading scalability, data availability, security, and performance. This means customers of all sizes and industries can use it to store and protect any amount of data for a range of use cases, such as data lakes, websites, mobile applications, backup and restore, archive, enterprise applications, IoT devices, and big data analytics. Amazon S3 provides easy-to-use management features so you can organize your data and configure finely-tuned access controls to meet your specific business, organizational, and compliance requirements. Amazon S3 is designed for 99.999999999% (11 9's) of durability, and stores data for millions of applications for companies all around the world. Scale your storage resources up and down to meet fluctuating demands, without upfront investments or resource procurement cycles. Amazon S3 is designed for 99.999999999% (11 9’s) of data durability.
9
Adobe Acrobat Sign
Adobe
Transform and speed up your workflows with Acrobat Sign – the only e-sign tool that includes the power of Adobe Acrobat in one package. Access Acrobat PDF documents and sign documents from anywhere, on mobile or desktop. Your recipients can sign in a snap — no downloads or sign-ups required. Easily scan and upload PDFs using the free Adobe Scan mobile app on your device. Join 500,000 organizations who are elevating the customer experience with the power of electronic signature software and Acrobat PDF features. Adobe makes it easy for you to create, edit, collaborate, e-sign, and share PDFs, on any device. Choose from a range of scalable document signing solutions to meet your unique business needs — with or without PDF document management features. As Microsoft’s preferred e-signature solution, Acrobat Sign integrates with the most comprehensive suite of Microsoft apps, so you can send and sign PDFs without leaving the app you’re working in.
10
Vimeo
Vimeo
Put your videos to work. More engagement, more collaboration, more growth for your business. Trusted by brands worldwide. Built for you. Upload all your videos with up to 7TB of storage (no weekly limits!), organize your library, and enjoy advanced privacy settings and player customization. Add team members to your account, and easily collaborate thanks to video review tools with time-coded notes from unlimited reviewers. Embed your videos anywhere, add clickable calls to action in the player, and capture email addresses and sync them with your email marketing software. Dig into advanced stats with Google Analytics, and check engagement graphs to see where viewers are most enthralled (and where to improve). Gorgeous, high-quality video sharing on desktop, mobile, tablet, and TV.
Starting Price: $20 per month
11
Adobe Creative Cloud
Adobe
Creative Cloud is a collection of 20+ desktop and mobile apps and services for photography, design, video, web, UX, and more. Now you can take your ideas to new places with Photoshop on the iPad, draw and paint with Adobe Fresco, and design for 3D and AR. Join our global creative community — and make something better together. Explore your creativity with desktop and mobile apps including Photoshop, InDesign, and Premiere Rush. Access thousands of fonts for your projects right within your Creative Cloud apps. Showcase and discover creative work. Save, browse, and share assets from libraries right inside your Creative Cloud apps. Create and customize your own portfolio website. Get 100GB of cloud storage for file sharing and collaboration. Work better together with tools for sharing, reviewing, and commenting. Photography, video, design, UI and UX, 3D and AR, and social media. Creative Cloud has everything you need, wherever your imagination takes you.
Starting Price: $19.99 per month
12
Microsoft Defender XDR
Microsoft
Microsoft Defender XDR is an industry-leading extended detection and response (XDR) platform that provides unified investigation and response capabilities across various assets, including endpoints, IoT devices, hybrid identities, email, collaboration tools, and cloud applications. It offers centralized visibility, powerful analytics, and automatic cyberattack disruption to help organizations detect and respond to threats more effectively. By integrating multiple security services, such as Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity, and Microsoft Defender for Cloud Apps, it enables security teams to correlate signals across these services, providing a comprehensive view of threats and facilitating coordinated responses. This integration allows for automatic actions to prevent or stop attacks and self-heal affected assets, enhancing overall security posture.
13
Workday HCM
Workday
An HCM system that adapts to what comes next. Your workforce, how and where people work, even the skills you need continue to shift. So how do you adapt to what the future brings? Meet Workday Human Capital Management (HCM). Our machine learning helps you understand your people’s skills today and build talent around the skills you'll need tomorrow. Workday Human Capital Management empowers you to curate recommendations, suggest learning, and keep communication open. And do it at scale. Our augmented analytics surfaces insights from vast data sets, explaining what’s happening and why in stories you can understand. We deliver intelligent automation across the entire attract-to-pay process, eliminating manual tasks and empowering your people to be their most productive selves. From compensation and payroll to time tracking, benefits, and more, Workday HCM helps you take care of your workforce.
14
Validato
Validato
Validato allows IT and Security teams to test the effectiveness of security controls by simulating adversarial behaviors based on known threat scenarios. Validato provides unbiased data and findings on how effective security controls are at detecting and protecting against exploitation of MITRE ATT&CK Techniques. If you are looking to implement a Threat-Informed Defense approach to cyber defense, then Validato is an excellent choice for you.
Starting Price: $10,000/year
15
Silent Push
Silent Push
Silent Push reveals adversary infrastructure, campaigns, and security problems by searching across the most timely, accurate and complete Threat Intelligence dataset available. Defenders can focus on stopping threats before they cause a problem and significantly improve their security operations across the entire attack chain whilst simultaneously reducing operational complexity. The Silent Push platform exposes Indicators of Future Attack (IOFA) by applying unique behavioral fingerprints to attacker activity and searching our dataset. Security teams can identify new impending attacks, rather than relying upon out-of-date IOCs delivered by legacy threat intelligence. Our solutions include: Proactive Threat Hunting - Identify and track malicious infrastructure before it’s weaponized. Brand & Impersonation - Protect your brand from phishing, malvertisement, and spoofing attacks. IOFA Early Detection Feeds - Monitor global threat activity with proactive intelligence.
Starting Price: $100/month
16
ServiceNow
ServiceNow
Digitize your workflows - they'll love you for it. Your company can be more productive and your people more engaged. ServiceNow makes work, work better for people. Transform old, manual ways of working into modern digital workflows, so employees and customers get what they need, when they need it—fast, simple, easy. ServiceNow delivers digital workflows that create great experiences and unlock productivity for employees and the enterprise. We simplify the complexity of work on a single, enterprise cloud platform. The Now Platform: The intelligent and intuitive cloud platform for work. Choose from our workflows or build your own apps. Built on the Now Platform, our product portfolio delivers the IT, Employee, and Customer Workflows that matter with enterprise solutions to help drive every part of your digital transformation. Create the great experiences you want and unlock the productivity you need, now with native mobile capabilities for everyday work across the enterprise.
Starting Price: $100 per month
17
Azure DevOps
Microsoft
Azure DevOps is a comprehensive set of modern development tools that help teams plan smarter, collaborate better, and deliver software faster. It provides services like Azure Boards for work tracking, Azure Pipelines for continuous integration and deployment, Azure Repos for Git-based source control, and Azure Test Plans for quality assurance. With built-in support for GitHub Copilot, developers can boost productivity by leveraging AI-assisted coding. The platform offers seamless integration with a variety of tools and supports any language, platform, or cloud environment. Azure DevOps emphasizes security with extensive compliance certifications and a dedicated engineering team. Trusted by leading global companies, it enables organizations to accelerate development cycles while maintaining high code quality and operational agility.
Starting Price: $6 per user per month
18
VirtualMetric
VirtualMetric
VirtualMetric is a powerful telemetry pipeline solution designed to enhance data collection, processing, and security monitoring across enterprise environments. Its core offering, DataStream, automatically collects and transforms security logs from a wide range of systems such as Windows, Linux, MacOS, and Unix, enriching data for further analysis. By reducing data volume and filtering out non-meaningful logs, VirtualMetric helps businesses lower SIEM ingestion costs, increase operational efficiency, and improve threat detection accuracy. The platform’s scalable architecture, with features like zero data loss and long-term compliance storage, ensures that businesses can maintain high security standards while optimizing performance.
Starting Price: Free
19
Amazon Redshift
Amazon
More customers pick Amazon Redshift than any other cloud data warehouse. Redshift powers analytical workloads for Fortune 500 companies, startups, and everything in between. Companies like Lyft have grown with Redshift from startups to multi-billion dollar enterprises. No other data warehouse makes it as easy to gain new insights from all your data. With Redshift you can query petabytes of structured and semi-structured data across your data warehouse, operational database, and your data lake using standard SQL. Redshift lets you easily save the results of your queries back to your S3 data lake using open formats like Apache Parquet to further analyze from other analytics services like Amazon EMR, Amazon Athena, and Amazon SageMaker. Redshift is the world’s fastest cloud data warehouse and gets faster every year. For performance intensive workloads you can use the new RA3 instances to get up to 3x the performance of any cloud data warehouse.
Starting Price: $0.25 per hour
20
Couchdrop
Couchdrop
Couchdrop is the modern SFTP platform for b2b file transfers, file-based automation, and data flows – simple, secure, and built for the cloud. By being completely in the cloud, Couchdrop automatically scales to meet the needs of businesses from startups to enterprises. Organizations can securely transfer millions of files and terabytes of data with automatic scaling that can meet the most intense file transfer requirements, all without having any infrastructure management. Supporting simple, direct connections to storage like SharePoint, Dropbox, Azure, and more, Couchdrop integrates with over 20 platforms and growing. Couchdrop does not store data at any stage of the process and acts as a secure pipe between systems, leaving you in full control at all times. Couchdrop aims to be simple and easy enough for anyone to use. An SFTP server is created immediately at sign-up, and all admin and management tasks are done through a modern, uncomplicated web interface.
Starting Price: $50/month
21
SOC Prime Platform
SOC Prime
SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 28 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations from 155 countries, including 42% of Fortune 100, 21% of Forbes Global 2000, 90+ public sector institutions, and 300+ MSSP and MDR providers. Driven by its advanced cybersecurity solutions, Threat Detection Marketplace, Uncoder AI, and Attack Detective, SOC Prime enables organizations to risk-optimize their cybersecurity posture while improving the ROI of their SOC investments.
22
Microsoft Defender for IoT
Microsoft
Accelerate digital transformation with comprehensive security across your IoT/OT infrastructure. Microsoft Defender for IoT offers agentless network detection and response (NDR) that is rapidly deployed, works with diverse IoT, OT, and industrial control system (ICS) devices, and interoperates with Microsoft 365 Defender, Microsoft Sentinel, and external security operations center (SOC) tools. Deploy on-premises or via cloud. For IoT device builders, Defender for IoT offers lightweight agents for stronger device-layer security. Use passive, agentless network monitoring to safely gain a complete inventory of all your IoT/OT assets, with zero impact on IoT/OT performance. Analyze diverse and proprietary industrial protocols to visualize your IoT/OT network topology and see communication paths, and then use that information to accelerate network segmentation and zero trust initiatives.
Starting Price: $0.001 per device per month
23
Cyble
Cyble
Cyble is a leading AI-native cybersecurity platform that delivers intelligence-driven defense to help organizations stay ahead of evolving cyber threats. Powered by its Gen 3 Agentic AI, Cyble offers autonomous threat detection, real-time incident response, and proactive defense mechanisms. The platform provides comprehensive capabilities including attack surface management, vulnerability management, brand protection, and dark web monitoring. Trusted by governments and enterprises worldwide, Cyble combines unmatched visibility with scalable technology to keep security teams ahead of adversaries. With advanced AI that can predict threats months in advance, Cyble helps reduce response times and minimize risks. The company also offers extensive research, threat intelligence reports, and personalized demos to support customer success.
24
Azure Web Application Firewall
Microsoft
Azure Web Application Firewall is a cloud-native service that protects web apps from common web-hacking techniques such as SQL injection and security vulnerabilities such as cross-site scripting. Deploy the service in minutes to get complete visibility into your environment and block malicious attacks. Protect your web applications in just a few minutes with the latest managed and preconfigured rule sets. The Azure Web Application Firewall detection engine combined with updated rule sets increases security, reduces false positives, and improves performance. Use Azure Policy to help enforce organizational standards and assess compliance at scale for Web Application Firewall resources. Get an aggregated view to evaluate the overall state of your environment.
Starting Price: $0.443 per gateway per hour
25
Microsoft Purview Data Loss Prevention
Microsoft
Get intelligent detection and control of sensitive information across Office 365, OneDrive, SharePoint, Microsoft Teams, and on the endpoint. Our data landscape has evolved and data loss prevention (DLP) solutions need to evolve too. Learn about the common deployment states, migration challenges, and best practices including the benefits of adopting a cloud-native DLP solution. Help prevent unauthorized sharing, use, or transfer of sensitive information across apps, services, and devices with Microsoft Purview Data Loss Prevention. Create, manage, and enforce data loss prevention policies from the Microsoft Purview compliance portal. DLP is integrated with information protection classification and labeling capabilities, including out-of-the-box, customer, or advanced SITs and trainable classifiers. Configure, triage, and track alerts through the Data Loss Prevention (DLP) alerts page. Extend DLP alerts to the Microsoft Defender XDR portal and Microsoft Sentinel.
Starting Price: $12 per month
26
Armis Centrix
Armis
Armis Centrix™ is a comprehensive cyber exposure management platform that provides continuous, real-time visibility and protection across IT, OT, IoT, and IoMT environments. Powered by the Armis AI-driven Asset Intelligence Engine, it identifies every connected device, assesses cyber risk, and monitors vulnerabilities across an organization’s entire digital attack surface. The platform automates risk scoring, streamlines compliance reporting, and supports rapid incident response through deep asset intelligence. With capabilities that span asset management, OT/IoT security, medical device protection, and early warning threat detection, Armis Centrix™ enhances operational resilience for modern enterprises. VIPR Pro adds advanced prioritization and remediation to connect findings directly to actionable fixes. Designed as a cloud-native, frictionless platform, Armis Centrix™ empowers organizations to reduce exposure, strengthen security posture, and maintain continuity at scale.
27
Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. SQS eliminates the complexity and overhead associated with managing and operating message oriented middleware, and empowers developers to focus on differentiating work. Using SQS, you can send, store, and receive messages between software components at any volume, without losing messages or requiring other services to be available. Get started with SQS in minutes using the AWS console, Command Line Interface or SDK of your choice, and three simple commands. Use Amazon SQS to transmit any volume of data, at any level of throughput, without losing messages or requiring other services to be available. SQS lets you decouple application components so that they run and fail independently, increasing the overall fault tolerance of the system.
28
Dragos Platform
Dragos
The Dragos Platform is the most trusted industrial control systems (ICS) cybersecurity technology–providing comprehensive visibility of your ICS/OT assets and the threats you face, with best-practice guidance to respond before a significant compromise. Built by practitioners for practitioners, the Dragos Platform ensures your cybersecurity team is armed with the most up-to-date defensive tools to combat industrial adversaries, codified by our experts on the front lines every day hunting, combatting, and responding to the world’s most advanced ICS threats. The Dragos Platform analyzes multiple data sources including protocols, network traffic, data historians, host logs, asset characterizations, and anomalies to provide unmatched visibility of your ICS/OT environment. The Dragos Platform rapidly pinpoints malicious behavior on your ICS/OT network, provides in-depth context of alerts, and reduces false positives for unparalleled threat detection.
Starting Price: $10,000
29
Sophos Cloud Optix
Sophos
Asset and network traffic visibility for AWS, Azure, and Google Cloud. Risk-based prioritization of security issues with guided remediation. Optimize spend for multiple cloud services on a single screen. Get automatic identification and risk-profiling of security and compliance risks, with contextual alerts grouping affected resources, detailed remediation steps, and guided response. Track cloud services side by side on a single screen for improved visibility, receive independent recommendations to reduce spend, and identify indicators of compromise. Automate compliance assessments, save weeks of effort mapping Control IDs from overarching compliance tools to Cloud Optix, and produce audit-ready reports instantly. Seamlessly integrate security and compliance checks at any stage of the development pipeline to detect misconfigurations and embedded secrets, passwords, and keys.
30
Azure DDoS
Microsoft
Distributed denial of service (DDoS) attacks are some of the largest availability and security concerns facing customers that are moving their applications to the cloud. A DDoS attack attempts to exhaust an application's resources, making the application unavailable to legitimate users. DDoS attacks can be targeted at any endpoint that is publicly reachable through the internet. Every property in Azure is protected by Azure's infrastructure DDoS (Basic) Protection at no additional cost. The scale and capacity of the globally deployed Azure network provides defense against common network-layer attacks through always-on traffic monitoring and real-time mitigation. DDoS Protection Basic requires no user configuration or application changes. DDoS Protection Basic helps protect all Azure services, including PaaS services like Azure DNS.
Starting Price: $2,944 per month
31
Delinea Cloud Access Controller
Delinea
Gain granular control over web applications and web-based cloud management platforms. Delinea's Cloud Access Controller provides a comprehensive PAM solution that operates at cloud speed and is quick to deploy and secure access to any web application. With Cloud Access Controller, you can easily integrate your existing authentication solutions with any web application without having to write any additional code. Apply granular RBAC policies that enforce least privilege and zero trust initiatives, even to custom and legacy web applications. Specify what an individual employee is allowed to read or modify within any web application. Grant, manage and revoke access to cloud applications. Specify who gets access to what, at a granular level. Track usage of each and every cloud application. Clientless session recording without agents. Secure access to all web applications, including social media, custom, and legacy web applications.
32
Edgescan
Edgescan
Validated web application vulnerability scanning on-demand when you want it, and scheduled as often as you need. Validation and rating of risk, trending and metrics on a continuous basis, all available via our rich dashboard for superior security intelligence. You can use the vulnerability scanning and validation service as much as you like and retest on demand. Edgescan can also alert you if a new vulnerability is discovered via SMS/email/Slack or Webhook. Server Vulnerability Assessment (Scanning and Validation) covering over 80,000 tests. Designed to help ensure your deployment, be it in the cloud or on premise, is secure and configured securely. All vulnerabilities are validated and risk rated by experts and available via the dashboard to track and report on when required. Edgescan is a certified ASV (Approved Scanning Vendor) and exceeds requirements of the PCI DSS by providing continuous, verified vulnerability assessments.
33
SecurityHQ
SecurityHQ
SecurityHQ is a world-leading independent Managed Security Service Provider (MSSP) that detects and responds to threats instantly. As your security partner, we alert and act on threats for you. Gain access to an army of analysts that work with you, as an extension of your team, 24/7, 365 days a year. Receive tailored advice and full visibility to ensure peace of mind, with our Global Security Operation Centres. Utilize our award-winning security solutions, knowledge, people, and process capabilities, to accelerate business and reduce risk and overall security costs. Most Popular Services: Managed Detection and Response (MDR), Endpoint Detection and Response (EDR), Managed Extended Detection and Response (XDR), Vulnerability Management Services, Managed Firewall, Digital Forensics & Incident Response, Managed Network Detection and Response (NDR), Penetration Testing, CISO as a Service.
34
Prancer
Prancer
Large-scale cyber assaults occur regularly, and most security systems are reactive to eliminate intrusions. Prancer’s patented attack automation solution aggressively validates your zero-trust cloud security measures against real-world critical attacks to harden your cloud ecosystem continuously. It automates the discovery of cloud APIs across an organization. It offers automated cloud pentesting, enabling businesses to quickly identify potential security risks and vulnerabilities related to their APIs and minimize false positives with correlated risk scoring. Prancer auto-discovers enterprise resources in the cloud and finds all the attack surfaces at the Infrastructure and Application layers. The Prancer engine reviews the security configuration of the resources and correlates data from different sources. It immediately reports back all the security misconfigurations and provides auto-remediation.
35
Code42 Incydr
Mimecast
Incydr gives you the visibility, context and control needed to stop data leak and IP theft. Detect file exfiltration via web browsers, USB, cloud apps, email, file link sharing, Airdrop, and more. See how files are moved and shared across your entire organization, without the need for policies, proxies, or plugins. Incydr automatically identifies when files move outside your trusted environment, allowing you to easily detect when files are sent to personal accounts and unmanaged devices. Incydr prioritizes file activity based on 120+ contextual Incydr Risk Indicators (IRIs). This prioritization works on day 1 without any configuration. Incydr’s risk-scoring logic is use case-driven and transparent to administrators. Incydr uses Watchlists to programmatically protect data from employees who are most likely to leak or steal files, such as departing employees. Incydr delivers a complete range of technical and administrative response controls to support the full spectrum of insider events.
36
Microsoft Defender for Cloud Apps
Microsoft
Modernize how you secure your apps, protect your data, and elevate your app posture with SaaS security. Get full visibility of your SaaS app landscape and help protect your apps with Defender for Cloud Apps. Discover, control, and configure apps to ensure employees are using trusted and compliant applications. Classify and protect sensitive information at rest, in use, and in motion. Enable your employees to safely access and view files in apps. Control how apps interact with each other. Gain insight into privileges, permissions, and apps that are accessing sensitive data on behalf of another application. Defend against advanced cyberattacks using app signals. Defend against sophisticated cyberattacks using app signals as part of your advanced hunting in Microsoft Defender XDR. The scenario-based detections will enable your security operations center (SOC) to hunt across the entire cyberattack chain. -
37
NXLog
NXLog
Achieve complete security observability with powerful insights from your log data. Improve your infrastructure visibility and enhance threat prevention with a versatile multi-platform tool. With support for over 100 operating system versions and more than 120 configurable modules, gain comprehensive insights and increased security. Cut the cost of your SIEM solution by reducing noisy and unnecessary log data. Filter events, truncate unused fields, and remove duplicates to increase the quality of your logs. Collect and aggregate logs from systems across the entire breadth of your organization with a single tool. Reduce complexity in managing security-related events and decrease detection and response times. Empower your organization to meet compliance requirements by centralizing some logs in an SIEM and archiving others in your long-term storage. NXLog Platform is an on-premises solution for centralized log management, with versatile processing. -
38
Trapster
Ballpoint
Trapster is a complete Deceptive Security platform that uncovers intrusions by deploying convincing decoy systems within your network, luring attackers into revealing their presence. Its powerful detection capabilities are built on three key components: 1) Network-Based Honeypot Server: launches virtual machines on your Hypervisor or Cloud, supporting 15+ protocols. It detects scans and lateral movements, delivering real-time alerts via email, dashboard, webhooks, syslog, or API. Effortlessly auto-configured and maintenance-free for seamless integration. 2) Lures (Honeytokens): plants deceptive files, URLs, API keys, or database entries to trap attackers early. 3) External Login Panel: mimics authentic login interfaces to expose credential leaks before they’re exploited. Unlike traditional security tools, Trapster proactively identifies threats that evade conventional detection, empowering organizations to stay one step ahead. Starting Price: $1000/year -
39
Agari
Fortra
Use Trusted Email Identity to protect workers and customers from advanced email attacks. Advanced email attacks target a major security vulnerability that legacy email security controls do not address. Agari gives employees, customers, and partners the confidence to trust their inbox. Unique AI with over 300m daily machine learning model updates understands the good to protect you from the bad. Global intelligence powered by trillions of global email messages provides deep insights into behaviors and relationships. Years of experience defining the email security standards that have been adopted by Global 2000 companies. -
40
Workday Extend
Workday
Build new apps that run on Workday technology. Workday Extend puts our technology in your hands. Tap into the same environment that Workday uses to build new apps to accommodate your unique way of doing business. With the Power of One as your foundation, you not only take advantage of the latest Workday innovations, but you also benefit from a familiar user, administration, and reporting experience. You can even enforce the same security controls while gaining real-time access to your Workday people and financial data. Streamline workflows by creating business processes tailored to meet your unique requirements. Enhance user productivity by creating a consistent experience across your applications. Simplify your technology landscape. Build intuitive apps using the Workday UI you are familiar with to optimize your business needs. Ensure a smooth user experience on desktop and mobile. -
41
Proofpoint Identity Threat Defense
Proofpoint
In an ever-changing hybrid world, your organization depends on its employees, their virtual identities, and the endpoints they operate on to build and protect its assets. Threat actors have found unique ways to move laterally across your cloud environments by exploiting such identities. You need an innovative and agentless identity threat detection and response solution to discover and remediate modern identity vulnerabilities—a key part of today’s attack chain. Proofpoint Identity Threat Defense, previously Illusive, gives you comprehensive prevention and visibility across all your identities so you can remediate identity vulnerabilities before they become real risks. You can also detect any lateral movements in your environments and activate deception to ensure threat actors are stopped in action before they gain access to your corporate assets. It doesn’t get better than knowing you can prevent modern identity risks and stop real-time identity threats in action, all in one place. -
42
Proofpoint Adaptive Email Security
Proofpoint
Proofpoint's Adaptive Email Security provides advanced, integrated protection against phishing, Business Email Compromise (BEC), and other email-borne threats. Powered by behavioral AI, this solution continuously adapts to evolving threats, offering real-time protection before, during, and after email delivery. By consolidating email security into a single platform, organizations can simplify operations, reduce vendor complexity, and achieve significant time and cost savings. It offers advanced features such as internal mail protection, real-time coaching, and unified visibility, making it an essential tool for protecting sensitive communications and ensuring compliance. -
43
IONIX
IONIX
Modern enterprises leverage countless partners and third-party solutions to enrich online services, improve operations, grow their business, and serve customers. In turn, each of these resources connect with countless more to create a growing and dynamic ecosystem of mostly unmonitored and unmanaged assets. These hyperconnected ecosystems represent a vast new attack surface that falls outside of the traditional security perimeter and enterprise risk management strategies. IONIX protects and secures enterprises from this new attack vector. IONIX is the only External Attack Surface Management platform that enables organizations to find and eliminate risks in their entire digital supply chain. Enterprises gain deep visibility and control of hidden risks stemming from Web, Cloud, PKI, DNS misconfigurations or vulnerabilities. Integrates via API or natively with Microsoft Azure Sentinel, Atlassian JIRA, Splunk, Cortex XSOAR, and more. -
44
WithSecure Elements Infinite
WithSecure
WithSecure Elements Infinite provides a comprehensive suite of security tools and capabilities as a continuous Managed Detection and Response (MDR) service that includes responding 24/7 to cyber security incidents and improving customers’ security posture through Continuous Threat Exposure Management (CTEM). Elements Infinite’s proprietary Endpoint Detection & Response (EDR) agent and log collectors feed data into our XDR detection platform, offering exceptional visibility into user, endpoint, cloud, and network activities. The primary service components cover the environment’s external attack surface(s), identity management systems (Entra ID), physical endpoints, corporate networks and cloud environments (AWS, Azure). WithSecure is a premier European cyber security company dedicated to helping our customers achieve compliance and effectiveness the European way. -
45
Open Systems MDR+
Open Systems
We improved our MDR so you aren’t flooded with alerts, and your business can keep moving. We’ve built it for modern business operations via a cloud-based SIEM, Microsoft Sentinel. Our SOC analysts are equipped with advanced AI detection and insights to identify threats earlier, determine which ones are real, and prioritize those with the highest potential for damage. We care deeply about our customers’ experience, so we have devised a way to minimize disruption by containing threats quickly and precisely. We call it MDR+. Our MDR+ solution combines human expertise, advanced threat detection processes, and world-class technology enabling you to react earlier in the kill chain. Azure Sentinel, with its vast ecosystems, already provides broad data ingestion and detection capabilities. Our use cases are enriched with powerful security playbooks that either run automatically or help the security analyst in taking the next steps. -
46
Maltiverse
Maltiverse
Cyber Threat Intelligence made simple for all types of businesses and independent analysts of cybersecurity. Maltiverse Freemium online resource to access aggregated sets of indicators of compromise with full context and history. When you have a cyber security incident and you need context to respond - you can access the database and search for the content manually. You can also connect the customized set of new threats to your Security Systems like SIEM, SOAR, PROXY or Firewall: Ransomware, C&C centers, malicious IP and URLs, Phishing Attacks, Other feeds. Starting Price: $100 per month -
47
Worldr
Worldr
Worldr defends the data you share in Microsoft Teams from external breaches while prohibiting outside organizations from exploiting your most sensitive digital assets. It can be utilized in any environment, whether that be cloud based or on-premise; our lightweight architecture can be deployed in minutes for any size organization. Ensure full ownership of data so no one, not even Microsoft, can access it. Messages, user details, and metadata are stored in a database protected by a transparent data encryption layer while encryption keys are stored in Hashicorp Vault. Store your data anywhere in the world based on compliance, legal or regulatory requirements. Adhere to sector specific data transfer and processing regulations and meet mandates enforced by various countries to ensure data sovereignty. -
48
Microsoft Security Copilot
Microsoft
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI—now in preview. During an attack, complexity can cost you. Synthesize data from multiple sources into clear, actionable insights and respond to incidents in minutes instead of hours or days. Triage signals at machine speed, surface threats early, and get predictive guidance to help you thwart an attacker’s next move. The demand for skilled defenders vastly exceeds the supply. Help your team make the most impact and build their skills with step-by-step instructions for mitigating risks. Ask Microsoft Security Copilot questions in natural language and receive actionable responses. Identify an ongoing attack, assess its scale, and get instructions to begin remediation based on proven tactics from real-world security incidents. Microsoft Security Copilot integrates insights and data from security tools and delivers guidance that’s tailored to your org. -
49
Revelstoke
Revelstoke
Rock your SOC with the first universal, low-code, high-speed security automation platform with case management built in. Revelstoke uses a single, universal data model that normalizes input and output data to allow for fast integration of any security product, and it’s future-proof. Our UI is based on the Kanban-style workflow. Grab a card, drag it into place, drop it where you want, and boom, the automation works. You can track and monitor case actions, timeline information, and workflow actions, all from the case management dashboard. IR is at your fingertips. Measure and report on the business impact of security automation, prove the value of the investment and show what your team is worth. Revelstoke radically simplifies security orchestration, automation, and response (SOAR), so security teams can work faster, smarter, and more effectively. With a low-code, drag-and-drop interface, dozens of built-in integrations, and incredible visibility into performance metrics. -
50
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Google Digital Risk Protection delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. The Google Digital Risk Protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.