Sift Security
Download
Sift Security DemoDemo
Sift Security TrialTrial
Sift Security ContactContact
Sift Security

Data Sources & API Integrations

Sift Security has the ability to ingest data from a diverse set of data sources and also supports two way API integrations. In both cases, we support many prevalent data sources out of the box, and also have the ability to quickly add new integrations.

Supported Data Sources for Ingestion

The sources below can be collected directly from the source or via leading SIEMs. If you are interested to learn more about how the data ingestion process works, detailed technical documentation is available upon request.

Host Network
Windows Palo Alto
Linux Bro Network Monitoring
Symantec
Netflow
Cylance Cisco ASA (Firewall)
Digital Guardian DHCP
Carbon Black AWS VPC Flow
Tripwire* NGNIX
Tanium* McAfee Web Gateway
OSQuery* Aruba ClearPass (NAC)
Sysmon* FireEye*
Enrichment Other
State Applications
GeoIP AWS Cloudtrail
ASN / Netblock Email (IronPort)
Active Directory* Apache logs*
Vulnerability* Custom data*
Asset Database* API integrations
IAM* ServiceNow
Threat Intelligence PAN*
Critical Stack Tanium*
VirusTotal Duo*
iSight*
Visa Threat Intel*

* requires customization

3rd Party API Integrations

Sift Security also provides an easy way to integrate with 3rd party products via APIs. This self service capability enables customers to integrate with 3rd party products. Also, we provide a sample of integrations that work out of the box, such as ServiceNow and Palo Alto Networks. Additional technical documentation and user guides are available upon request.