HUNTERS INTEGRATIONS
1Password
1Password is a password manager that stores encrypted passwords online.
Abnormal Security
Abnormal's cloud email security platform protects enterprises from targeted email attacks.
abuse.ch
abuse.ch is a research project at the Institute for Cybersecurity and Engineering (ICE) to identify and track cyber threats, with a strong focus on malware and botnets.
Acalvio Technologies
Acalvio, the leader in cyber deception technology, helps enterprises actively defend against threats.
Agari Phishing Defense
Agari is an email protection product, protecting against phishing, business email compromise scams and other advanced email threats.
Alert Logic WSM
The Alert Logic Managed Web Application Firewall (WAF) Out-of-Band WAF monitors your web traffic and logs web violations but does not block any requests.
Alibaba Cloud
Alibaba Cloud’s logging tools, like Log Service and ActionTrail, are vital for monitoring, diagnosing, and responding to incidents. They help track user actions, manage risks, ensure compliance, and detect security threats.
AlienVault OTX
AlienVault Open Threat Exchange (OTX) is the world’s largest open threat intelligence community, enabling collaborative defense with actionable, community-powered threat data.
Anomali Intelligence
Anomali delivers intelligence-driven cybersecurity solutions, including ThreatStream, Match, and Lens.
Apache2
Apache2 is a popular open-source web server software that is used to serve web content on the internet.
Appgate
Appgate SDP is a Zero Trust Network Access (ZTNA) solution. ZTNA is an IT security solution that provides secure remote access to an organization’s applications, data, and services based on clearly defined access control policies.
Aqua
Aqua is a cloud security and compliance tool combining all of your cloud assets from AWS, Azure, and GCP.
Arbor Networks
Arbor Networks APS (Availability Protection System) is an on-premises DDoS mitigation appliance from Netscout (formerly Arbor Networks). It is designed to detect, analyze, and automatically mitigate distributed denial-of-service (DDoS) attacks in real time. APS provides advanced threat intelligence integration, traffic visibility, and adaptive countermeasures to keep critical services online during volumetric, TCP state-exhaustion, and application-layer attacks. It is often deployed at the enterprise edge or within service provider networks to protect against both inbound and outbound threats.
Area 1
Cloudflare Area 1 comprehensively defends against sophisticated threats by stopping phish at the earliest stages of the attack cycle.
Armis
Armis, the asset intelligence cybersecurity company, protects the entire attack surface and manages the organization’s cyber risk exposure in real time.
Armorblox
Armorblox is a cloud office security platform that protects enterprise communications across email, messaging, and file-sharing services using natural language understanding.
Astrix Security
Astrix Security Logs provide visibility into third-party integrations and service accounts connected to SaaS platforms. These logs help detect risky access patterns, excessive permissions, and potential supply chain abuse across cloud environments.
Atlassian
Atlassian is a software company that develops products for software developers, project managers and other software development teams.
Auth0
Auth0 is a flexible, drop-in solution to add authentication and authorization services to your applications.
Aviatrix
Aviatrix is a next-generation, multi-cloud networking and security platform that simplifies the management, visibility, and control of cloud networks.
AWS
AWS logs provide unique and crucial visibility into the activities and resources in an organization’s AWS environment. Hunters ingests logs from AWS Config, AWS Cloudtrail, AWS VPC Flow, and AWS WAF.
Axis Security
Axis Security uses SSE to elevate access security and ensure that your connectivity is always in-sync with your business.
Barracuda
Barracuda Box Logs provide comprehensive visibility into firewall activity, authentication events, network traffic, system events, and administrative access (including SSH). Collecting these logs enables SOC teams to monitor policy enforcement, detect anomalies, investigate authentication issues, and strengthen overall network security posture.
Beyond Trust
BeyondTrust is the worldwide leader in intelligent identity and access security. We protect identities, stop threats, and deliver dynamic access.
Bind DNS
BIND DNS is a complete implementation of the DNS protocol. BIND 9 can be configured as an authoritative name server, a resolver, and, on supported hosts, a stub resolver.
Blackberry Cylance
Known for its endpoint protection platform, CylancePROTECT, it proactively identifies and mitigates threats by analyzing the behavior of files and processes in real-time, rather than relying on traditional signature-based methods. This approach enables it to stop malware, ransomware, and other sophisticated cyber threats before they can cause harm.
Box
Box empowers your teams by making it easy to work with people inside and outside your organization, protect your valuable content, and connect all your apps
Breez Security
Breez is an advanced security telemetry platform designed to simplify the collection and normalization of data from diverse sources, including endpoints, identity systems, cloud infrastructure, and business applications. It delivers a structured and enriched view of security activity, enabling teams to detect anomalies, investigate incidents, and respond more quickly and precisely.
Bricata
Bricata's Network Detection and Response (NDR) product is a cybersecurity solution that combines machine learning, full-spectrum threat detection, and automated response capabilities to identify, analyze, and counter network-based threats in real-time.
Broadcom Secure Access Cloud (Luminate)
Broadcom Secure Access Cloud is a SaaS solution that enables more secure and granular access management to corporate resources hosted on-premises or in the cloud.
Cato Networks
Cato Networks is a networks, cloud and endpoint management and security platform, categorized as a Secure Access Service Edge (SASE platform).
Check Point
Check Point Software Technologies Ltd. provides cyber security solutions to governments and corporate enterprises globally. All Check Point Security Logs are supported by Hunters.
Cisco AnyConnect NVM
Cisco AnyConnect NVM (Network Visibility Module) is an endpoint product by Cisco, used for monitoring network activity.
Cisco Firewall
Cisco have several network appliances that allow network monitoring and inspection, protecting corporate networks and data centers, such as Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense.
Cisco Identity Services Engine
The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context.
Cisco Meraki
Meraki devices can act as different classic devices at once, and as such provide multiple log types which are relevant for detection and context enrichment during automatic investigations, such as firewall logs, DHCP logs, and DNS logs.
Cisco Secure Endpoint (AMP)
Cisco AMP (Advanced Malware Protection) is an EDR designed to prevent, detect, and help remove threats from computer systems.
Cisco Umbrella
Umbrella is a cloud-delivered service giving organizations visibility to protect users across all network devices.
Citrix Netscaler
Citrix NetScaler is an Application Delivery Controller (ADC) created to optimize, manage, and secure network traffic. It analyzes application-specific traffic to distribute, optimize, and protect L4–L7 network traffic.
Claroty
Claroty's Extended Internet of Things (XIoT) platform secures physical systems across industrial, healthcare, and enterprise environments.
Cloudflare
CloudFlare HTTP data is used in the Hunters Pipeline for detection and investigation related to HTTP requests to relevant appliances in the organization's network.
CloudSEK
CloudSEK is a cybersecurity company specializing in predictive threat intelligence powered by artificial intelligence. It offers solutions like XVigil, which monitors and identifies threats such as data leaks, phishing attacks, and brand impersonation across the web, including the dark and deep web. CloudSEK focuses on proactive risk management, helping organizations mitigate potential threats before they escalate.
Code42
Code 42 is a SaaS platform aimed to log and detect data loss (through documents being copied/moved/made accessible to the wrong persons), and respond accordingly.
Cofense
Cofense, formerly known as PhishMe, is a provider of comprehensive cybersecurity solutions that focus on empowering organizations to detect, respond to, and mitigate phishing threats. Their services include phishing detection and response tools, as well as training and simulation products to enhance employees' awareness and ability to identify phishing attempts.
Corelight Suricata Alerts
Corelight’s Suricata + Zeek integration provides rich, pivotable network data to everyone in the SOC.
Cortex XDR (PAN)
PAN Cortex XDR is a detection and response platform that operates across network, endpoint, and cloud environments, offering enhanced visibility and security.
Integrating PAN Cortex XDR into Hunters allows the collection and ingestion of key data types into the data lake. Furthermore, alerts will be created over the logs, auto-investigated, and correlated to other related signals.
Integrating PAN Cortex XDR into Hunters allows the collection and ingestion of key data types into the data lake. Furthermore, alerts will be created over the logs, auto-investigated, and correlated to other related signals.
CrowdStrike
Hunters seamlessly ingests rich endpoint telemetry from the Falcon platform as well as organizational data and security telemetry from any existing data source in the organization.
CyberArk
CyberArk's Privileged Access Manager is a full life-cycle solution for managing the most privileged accounts and SSH Keys in the enterprise.
Cybereason
Cybereason provides a next-generation antivirus (NGAV) solution that safeguards company endpoints against highly advanced and unknown security threats, including ransomware and fileless attacks.
Cyberhaven
Cyberhaven Sentry collects events as data moves throughout your company and can take real-time action to protect your data from theft, misuse, and exposure
Cyera
Cyera discovers, classifies and protects data across IaaS, PaaS, and SaaS environments.
Cyren
Cyren offers email security software that can protect businesses and users from phishing attacks and data loss.
DarkTrace
Darktrace empowers defenders to reduce risk and minimize cyber disruption. Its Self-Learning AI technology develops a deep and evolving understanding of your bespoke organization, allowing it to prevent, detect, and respond to unpredictable cyber-attacks across the entire digital environment – from cloud and email to endpoints and OT networks.
Databricks
Databricks is a cloud-based data analytics platform that unifies data engineering, science, and machine learning. Built by the creators of Apache Spark, it combines data lake and warehouse capabilities, enabling organizations to manage, process, and analyze data at scale on major cloud providers like AWS, Azure, and Google Cloud.
Duo
Duo is a user-centric access security platform that provides two-factor authentication. Two-factor authentication adds a second layer of security to your online accounts.
Edgescan
Edgescan provides vulnerability management solutions using a "software as a service" model. It has added cloud-based compliance and web application security offerings.
F5 VPN
F5 BIG-IP log files include important diagnostic information about the events that are occurring on the BIG-IP system.
FireEye EX
FireEye Email Security helps organizations minimize breaches caused by advanced email attacks. Email Security combines intelligence-led context and detection plug-ins to unearth malicious and benign phishing URLs on a big data, scalable platform.
FireEye NX
FireEye Network Security is a cyber threat protection solution that helps organizations minimize the risk of breaches by detecting and stopping advanced, targeted and other evasive attacks hiding in Internet traffic.
FortiEDR
Fortinet FortiEDR logs provide detailed telemetry on endpoint activity, focusing on detecting and responding to advanced threats in real time. These logs include information about process execution, network connections, file access, and behavioral anomalies. They are typically used for threat hunting, incident investigation, and integration with SIEM platforms for centralized security monitoring.
Fortinet Firewall
Fortinet Firewall is a network appliance by Fortinet which enhances various network security capabilities.
GitHub
GitHub, Inc. is a provider of Internet hosting for software development and version control using Git. Organizations that manage their code on GitHub may view and export various logs regarding the platform.
GitLab
GitLab is a web-based DevOps lifecycle tool that provides a Git repository manager offering wiki, issue-tracking, and CI/CD pipeline features, using an open-source license. It enables collaborative software development and version control, allowing teams to manage projects from planning and source code management to monitoring and security.
Google Cloud Platform
Google Cloud Platform logs provide unique and crucial visibility into the activities and resources in an organization’s GCP environment. Hunters ingests several data sources from GCP, including Audit logs, Security Command Center Assets, and Security Command Center Findings.
Google Workspace
Hunters ingests logs for various Gsuite applications, alerts created by Gsuite, and a snapshot of all users in the Gsuite account.
Harness IO
Harness is the industry’s first Software Delivery Platform to use AI to simplify your DevOps processes - CI, CD & GitOps, Feature Flags, Cloud Costs, and much more.
HPE Aruba Networking
HPE Aruba ClearPass is a powerful network access control (NAC) solution that provides secure, policy-based access for wired, wireless, and VPN networks. It enables organizations to authenticate, authorize, and enforce security policies for users and devices across diverse environments. With features like role-based access control, device profiling, and automated threat responses, ClearPass simplifies managing network security while enhancing visibility and compliance.
iboss
iboss is a cloud security company that provides a secure access service edge (SASE) solution.
Illusive Networks
Illusive Active Defense Suite delivers deception-based security controls that detect and derail attackers inside the network. By planting deceptive assets and credentials across endpoints and servers, Illusive forces adversaries to reveal themselves early in the attack chain. The platform provides high-fidelity alerts on lateral movement attempts and hands-on-keyboard activity, helping SOC teams rapidly detect, investigate, and contain intrusions.
Imperva
Imperva provides centralized data security across legacy and modern cloud environments by automating detection, protection, and risk response.
InfoBlox
InfoBlox is a network security appliance that concentrates on DNS, DHCP, and IPAM (IP Address Management), from both on-prem and cloud sources.
.svg)
Ironscales
Ironscale offers security professionals and end users an AI-driven, self-learning email security platform that provides a comprehensive solution to stop tomorrow’s phishing attacks today.
Island
Meet Island, the Enterprise Browser that gives you control over SaaS governance, visibility and productivity.
Jamf
Jamf is the most prominent way to manage macOS devices in an enterprise organization. Logs pulled from the Jamf API and Jamf Server provide critical insights into the state of macOS devices across the organization.
Jira
Jira is a powerful project management tool used for tracking tasks, bugs, and workflows. It's popular for agile development, allowing teams to plan, track, and release projects efficiently across various industries.
Jumpcloud
JumpCloud is a cloud directory service that securely manages and connects users to their IT resources, including systems, servers, applications, and more.
Juniper Firewall
Juniper Firewalls support next-generation firewall capabilities such as intrusion prevention, application visibility and control, and content security features that include anti-virus, anti-spam, and Web filtering.
Keeper
Keeper Security transforming the way organizations and individuals protect their passwords and sensitive digital assets to significantly reduce password-related data breaches and cyberthreats. Keeper is the leading provider of zero-knowledge security and encryption software covering password management, secrets management, connection management, dark web monitoring, digital file storage, secret messaging, and more.
Keycloak
Keycloak is an open-source identity and access management solution offering SSO, user management, and support for OAuth 2.0, OpenID Connect, and SAML. It simplifies authentication and authorization for apps with features like social login, multi-factor authentication, and a user-friendly admin console.
Kiteworks
Kiteworks is a secure file sharing and collaboration platform that provides a variety of security features, including advanced threat protection (ATP), data loss prevention (DLP), encryption, and access control.
Kubernetes
Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.
Lacework
Lacework is a data-driven security platform for the cloud that collects and analyses various logs and telemetries for the main cloud vendors (AWS, Azure, GCP, etc.).
Lansweeper
Lansweeper is an IT Asset Management platform provider helping businesses better understand, manage and protect their IT devices and network.
LastPass
LastPass is a freemium password manager that stores encrypted passwords online. After the data is ingested, Hunters reads the data from the shared bucket, parses it and allows the usage of this source to protect your users and your network in a more comprehensive way.
Linux Auditd
auditd is the userspace component to the Linux Auditing System. It's responsible for writing audit records to the disk.
Lookout
Lookout is a cloud security platform that protects mobile devices, endpoints, and cloud applications from cyber threats and data breaches. It provides real-time threat detection, phishing protection, and data loss prevention by analyzing user behavior and device activity. Lookout secures organizations against mobile malware, unauthorized access, and compliance risks, helping businesses protect sensitive data across remote and hybrid work environments.
Lumos
Lumos is an identity governance and access management platform that unifies visibility across SaaS and cloud environments. It helps organizations manage user permissions, automate access reviews, and detect excessive or risky entitlements. By streamlining access requests and enforcing least privilege, Lumos reduces identity risk and improves compliance for modern enterprises.
Malwarebytes
Malwarebytes is an anti-malware software for Microsoft Windows, macOS, ChromeOS, Android, and iOS that finds and removes malware.
ManageEngine ADAudit Plus
ADAudit Plus helps keep your Windows Server ecosystem secure and compliant by providing full visibility into all activities. ADAP does so by collecting event log data from most of your environment’s licensed components, creating Alerts and Reports above it.
McAfee MVISION Cloud
McAfee Mvision (former Skyhigh CASB) is a cloud access security broker that protects data and stops threats in the cloud across SaaS, PaaS, and IaaS from a single, cloud-native enforcement point.
Microsoft Azure
Azure logs provide unique and crucial visibility into the activities and resources in an organization's Azure environment. Hunters supports multiple Azure data sources, including Azure Activity Log, Sign In Log, Audit Log, and NSG Flow Log.
Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is Microsoft’s EDR, collecting various logs from endpoints with MDATP agents - Devices Info, Process Info, Network Events, and more.
Microsoft Exchange
Microsoft Exchange is an email product by Microsoft. In Exchange Server, mail flow occurs through the transport pipeline.
Microsoft Graph API
The Microsoft Graph API provides a single endpoint to access data and interact with Microsoft 365 services like Azure Active Directory, Teams, Outlook, and OneDrive. It uses RESTful calls to manage resources such as users, groups, messages, and files
Microsoft InTune
Microsoft Intune is a cloud-based endpoint management solution that manages user access and simplifies app and device management across devices, including mobile devices, desktop computers, and virtual endpoints.
Mikrotik
MikroTik is a technology company specializing in networking hardware and software. It is best known for RouterOS, its powerful operating system for routers, and RouterBOARD, its line of networking devices. MikroTik products are widely used for building and managing networks, offering features like firewall management, VPN support, bandwidth shaping, and wireless connectivity. Known for its affordability and flexibility, MikroTik is popular among ISPs, enterprises, and network administrators worldwide.
Mimecast
Mimecast is a company specializing in cloud-based email management for Microsoft Exchange and Microsoft Office 365, including security, archiving, and continuity services to protect business mail.
MOVEit
MOVEit Transfer is a secure managed file transfer (MFT) program designed to provide a reliable, efficient, and secure way to transfer files, manage workflows, and ensure compliance with data security policies.
Mulesoft
MuleSoft provides the easy-to-use tools you need to automate your way to higher productivity and lower costs.
.png?width=67&height=67&name=RR%20Scratchpad%20(4).png)
NetIQ
NetIQ eDirectory is a directory service software that facilitates the centralized management of resources and user identities across different network environments.
Netography
Netography Fusion delivers high-fidelity alerts that identify anomalous or malicious network activity.
Netskope
Netskope delivers a modern cloud security stack, with unified capabilities for data and threat protection, plus secure private access.
NGINX
NGINX is a high-performance web server, reverse proxy, and load balancer designed for handling large volumes of traffic efficiently. It is widely used to serve static content, manage API traffic, and optimize application delivery. NGINX improves website performance with features like caching, compression, and SSL termination while enhancing security by mitigating DDoS attacks and unauthorized access. Its scalability and flexibility make it a popular choice for modern web applications and cloud environments.
NoName Security
Noname is a cyber security company that provides an API security solution.
Normalyze
Normalyze is a data security platform that helps organizations discover, classify, and protect sensitive data across cloud environments. It provides visibility into data assets, identifies security risks, and ensures compliance with industry regulations. Using automated scanning and AI-driven analysis, Normalyze detects misconfigurations, unauthorized access, and potential data exposures. It enables security teams to enforce data protection policies, prevent breaches, and maintain a strong security posture across multi-cloud infrastructures.
Nozomi Networks
Nozomi Networks specializes in providing cybersecurity solutions and services, particularly in the areas of operational technology (OT) and Internet of Things (IoT) security.
Office365
Office365 is Microsoft's online productivity suite. Hunters ingests logs with a variety of content types from Office365.
Okta
For organizations that utilize Okta as their SSO provider, it is usually a crucial component in providing regulated access for all organizational users to all relevant Cloud and SaaS resources. In some cases it is even used to manage access to internal organizational resources.
Onapsis
Onapsis is a cybersecurity platform that specializes in protecting business-critical applications such as SAP and Oracle. It provides continuous monitoring, vulnerability management, compliance auditing, and threat detection for ERP systems that are often the backbone of enterprise operations. By delivering deep, application-specific insights, Onapsis helps organizations secure complex environments against cyber threats, misconfigurations, and unauthorized access—whether these systems are deployed on-premises, in the cloud, or in hybrid setups.
OneLogin
Hunters supports ingestion of OneLogin events, based on Webhooks. This is a straightforward process which will allow Hunters to ingest your OneLogin events into the platform.
OpenCTI
OpenCTI (Open Cyber Threat Intelligence) logs provide detailed records of the platform’s operations, including data ingestion, threat intelligence processing, and system events. These logs help administrators monitor performance, troubleshoot issues, and ensure data integrity across connectors, enrichment modules, and integrations. By analyzing OpenCTI logs, users can maintain visibility into the flow of threat intelligence and identify any anomalies or operational errors.
Openstack
OpenStack is a free, open standard cloud computing platform. It is mostly deployed as infrastructure-as-a-service (IaaS) in both public and private clouds where virtual servers and other resources are made available to users.
OpenVPN
OpenVPN is a VPN system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.
Orca
Orca is an agentless cloud security and compliance tool combining all your cloud assets from AWS, Azure, and GCP.
OSQuery
Osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.
Palo Alto Networks Firewall
Palo Alto Networks next-generation firewalls detect known and unknown threats, including in encrypted traffic, using intelligence generated across many thousands of customer deployments.
PerceptionPoint
PerceptionPoint is a Prevention-as-a-Service company, offering fast interception of any content-based attack across all channels, including email, S3, and Dropbox.
PerimeterX Bot Defender
PerimeterX Bot Defender logs contain entries of website access to protected APIs, including blocked information.
pfSense
pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN, and more.
PingID
PingOne is a cloud identity solution that orchestrates adaptive authentication and access services to connect employees across any application, any directory and any device.
Prisma Cloud
Prisma Cloud CSPM is a Cloud protection platform. Prisma inspects cloud products - AWS and Azure assets, for example - and identifies vulnerabilities and mis-configurations.
ProofPoint
Hunters ingests various Proofpoint products, including On Demand (email cloud data service), Targeted Attack Protection (email cloud protection service), and Email Gateway (on-premise server logs).
ProtectWise
ProtectWise is a cloud-powered security company that provides Network Detection and Response (NDR) services.
PulseSecure
PulseSecure is a VPN system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities.
Qualys
Qualys provides SaaS solutions in cloud security, compliance, and vulnerability management.
.jpeg?width=67&height=67&name=rhisac(3).jpeg)
RH-ISAC
RH-ISAC is a threat intelligence sharing organization focused on the retail and hospitality sectors. They provide vetted indicators ofcompromise (IOCs) through their MISP platform at misp.rhisac.org. The integration pulls threat intelligence data tagged with "rhisac:vetted" - these are safe-to-action indicators that have been validated and are already present on reputation block lists or identified as known malicious. RH-ISAC uses a collaborative approach to threat intelligence, allowing member organizations to share and access high-quality security indicators. The data includes various IOC types such as IP addresses, domains, file hashes, and URLs that can be directly used for blocking or alerting in security tools.
SailPoint
SailPoint IdentityNow is a modern SaaS-based Identity Security solution that provides a centralized way to see and control every user’s access to resources across hybrid IT environments while ensuring regulatory compliance.
Salesforce
Salesforce is a cloud-based Customer Relationship Management (CRM) platform that enables businesses to manage customer data, sales operations, and marketing campaigns.
Salt Security
Salt Security is a cyber security company that provides an API security solution.
Integrating your Salt Security logs into the Hunters ecosystem will allow getting alerts from Salt Security into your Hunters portal, as well as investigating threat scenarios over it and getting related Hunters' detections for your tenant.
Integrating your Salt Security logs into the Hunters ecosystem will allow getting alerts from Salt Security into your Hunters portal, as well as investigating threat scenarios over it and getting related Hunters' detections for your tenant.
SAP
SAP is a global leader in enterprise software, known for its solutions that help businesses manage various operations such as finance, logistics, human resources, and supply chain management.
Sempris
Semperis DSP is a solution designed to improve the security of Active Directory environments. It offers various features to detect, prevent, and recover from Active Directory-based attacks such as insider threats, ransomware, and advanced persistent threats (APTs).
SentinelOne
SentinelOne offers solutions that deliver real-time endpoint protection, detection and response, and monitors IoT frameworks for vulnerabilities. These solutions also provide features and leverage the cloud for scalability.
Seraphic Security
Seraphic Security is an enterprise browser security platform that helps organizations protect users and endpoints from compromise via the web, and prevent sensitive data leakage or loss via the browser.
Signal Sciences
The Signal Sciences platform is an application security monitoring system that proactively monitors for malicious and anomalous web traffic directed at your web servers.
Silverfort
Silverfort’s platform monitors all human and machine access requests in real time, to prevent unauthorized access to all sensitive assets.
SilverPeak
Silver Peak, the global SD-WAN leader, delivering the transformational promise of the cloud with a self-driving wide area network
Skyhigh Security
Skyhigh Security enables your remote workforce while addressing your cloud, web, data, and network security needs.
Slack
Slack is the collaboration hub that brings the right people, information, and tools together to get work done.
Snowflake
Snowflake Audit Logs provide a record of activities within the Snowflake data warehouse, offering insights into user actions, system events, and resource utilization.
In the process of integrating the logs into hunters, the data is fetched using API, normalized into schemas and streamed to Hunters' Data Lake. The Ingestion allows the exploration of this source for overseeing users' usages in the Snowflake warehouse.
In the process of integrating the logs into hunters, the data is fetched using API, normalized into schemas and streamed to Hunters' Data Lake. The Ingestion allows the exploration of this source for overseeing users' usages in the Snowflake warehouse.
Solarwinds Orion
The SolarWinds Orion Platform is a powerful, scalable infrastructure monitoring and management platform designed to simplify IT administration for on-premises, hybrid, and software as a service (SaaS) environments in a single pane of glass.
SonicWall
SonicWall Firewall is a network appliance by SonicWall which enhances various network security capabilities.
Sophos Central
Sophos Central is a single cloud management solution for all your Sophos next-gen technologies: endpoint, server, mobile, firewall, ZTNA, email, and so much more.
Splunk Intelligence Management (TruStar)
Splunk Intelligence Management aims to break down data silos within and across enterprises to align security effectiveness with business objectives.
Squid Proxy
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages.
STIX-TAXII
STIX™ (Structured Threat Information Expression) is a language and serialization format used to exchange cyber threat intelligence (CTI).
Stormshield
Stormshield offers a robust suite of cybersecurity solutions focused on network, endpoint, and data protection. Its flagship products include Stormshield Network Security (SNS), a range of next-generation firewalls with advanced threat prevention and certified compliance; Stormshield Endpoint Security (SES), which provides proactive, behavior-based protection against ransomware, zero-day threats, and insider attacks; and Stormshield Data Security (SDS), a powerful encryption solution for securing sensitive data across devices, cloud environments, and communications. These products work together to deliver an integrated, multilayered defense tailored for critical infrastructures, government agencies, and regulated industries.
StrongDM
StrongDM is a Zero Trust Privileged Access Management (PAM) platform that extends the capabilities of traditional privileged access management to support all modern infrastructure, including databases, servers, Kubernetes clusters, clouds, and web applications.
SURF Security
Surf Security is a browser security platform designed to protect enterprise users where they work most—inside the browser. It provides real-time visibility and control over web activity, detects risky extensions and SaaS access, and enforces data protection policies without impacting user productivity. Surf helps SOC teams reduce browser-based threats, control data exfiltration, and secure SaaS access at scale.
Symantec
Symantec protects all your traditional and mobile endpoint devices with innovative technologies for attack surface reduction, attack prevention, breach prevention, and detection and response.
Sysdig
Sysdig Secure provides unified security and compliance for containers, Kubernetes and cloud. Sysdig logs are used by Hunters to populate alerts by Sysdig, as well as to allow advanced investigation over your Container assets.
Teleport
Teleport is an open-source tool for providing zero trust access to servers and cloud applications using SSH, Kubernetes and HTTPS.
Tenable.io
Powered by Nessus technology, Tenable.io is Tenable’s cloud-based vulnerability management and coverage. It scans and analyzes assets of many types and gathers data on vulnerabilities on them.
Thinkst Canary
Thinkst Canary is an agent installed on network appliances that monitors them and attempts to discover incidents.
ThreatX
ThreatX WAF is a Cloud Native WAF product that delivers protection across apps and APIs. It separates the enterprise network from the Internet blocks Web requests from outside that targets the Customers' internal Web Servers.
Thycotic
Thycotic Secret Server is an enterprise Privileged Access Management (PAM) solution, available both on-premise and in the cloud.
Tines
Tines is a no-code security workflow automation tool that allows users to automate complex workflows unique to their business.
Trend Micro
Trend Micro Deep Security is a comprehensive security solution designed to protect physical, virtual, cloud, and container environments.
Twingate
Twingate is a Zero Trust Network Access (ZTNA) platform that replaces traditional VPNs with a secure, modern approach to remote access. It provides identity-aware, least-privilege connectivity to internal apps and resources without exposing them to the public internet. With strong policy controls and visibility, Twingate helps organizations reduce attack surface and enforce Zero Trust principles across their workforce.
Upwind Security
Upwind Security is a cloud workload protection platform (CWPP) built for modern cloud-native environments. It provides real-time visibility into runtime activity, detects vulnerabilities and misconfigurations, and prioritizes risks based on exploitability. By monitoring workloads and network flows in production, Upwind helps security teams secure Kubernetes, containers, and cloud infrastructure with minimal performance impact.
Vectra
Vectra AI's Threat Detection and Response Platform protects your business from cyberattacks by detecting attackers in real time and taking immediate action.
Very Good Security
Very Good Security helps companies by providing a secure payment environment, fast-tracking PCI, and/or optimizing payments.
Vicarius
Vicarius prevent hackers from exploiting corporate devices.
VirusTotal
VirusTotal's threat intelligence dataset contains notions such as malware samples, URLs, domains and IP addresses according to binary properties, and many others.
VMware Carbon Black
Carbon Black products provide critical raw data OS-level telemetry from hosts (endpoints or servers). These telemetries include process creation events, network connection events, DNS requests, file events, and much more.
VMWare ESXi
A VMWare ESXi component generates logs for various events occurring on the machine.
VMware Workspace ONE
VMware Workspace ONE is a digital platform that delivers and manages any app on any device by integrating access control, application management, and unified endpoint management
Watchguard Firebox
Watchguard allows to see all the traffic through your network and monitor network activity to make sure that your network is secure.
Wazuh
Wazuh is an open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments.
Windows Firewall Logs
Windows Firewall logs allow you to monitor any dropped or successful connections by the firewall.
Wiz
Wiz's platform analyzes computing infrastructure for combinations of risk factors that could allow malicious actors to gain control of assets and/or exfiltrate valuable data.
Workday
Workday is a cloud-based software company that provides enterprise resource planning (ERP) solutions, primarily focused on human capital management (HCM) and financial management. Designed for medium to large organizations, Workday helps businesses manage tasks such as payroll, workforce planning, recruiting, and performance management. Its intuitive interface, advanced analytics, and scalability make it a popular choice for organizations looking to streamline HR and financial processes while gaining real-time insights into their operations.
Zeek Logs
Zeek is a passive, open-source network traffic analyzer, used by many vendors (such as Corelight) as a Network Security Monitor to support investigations of suspicious or malicious activity.
ZeroFox
ZeroFox is a threat intelligence SaaS platform that uses diverse data sources and artificial intelligence-based analysis to identify and remediate cyber attacks.
Zoom
Zoom's secure, reliable video platform powers all of your communication needs, including meetings, chat, phone, webinars, and online events.
Zscaler
Zscaler is a cloud security company that provides Security Service Edge (SSE) solution. Hunters ingests both ZIA (Zscaler Internet Access) and ZPA (Zscaler Private Access) logs.