Data Sources & API Integrations
Sift Security has the ability to ingest data from a diverse set of data sources and also supports two way API integrations. In both cases, we support many prevalent data sources out of the box, and also have the ability to quickly add new integrations.
Supported Data Sources for Ingestion
The sources below can be collected directly from the source or via leading SIEMs. If you are interested to learn more about how the data ingestion process works, detailed technical documentation is available upon request.
|Linux||Bro Network Monitoring|
|Cylance||Cisco ASA (Firewall)|
|Carbon Black||AWS VPC Flow|
|Tanium*||McAfee Web Gateway|
|OSQuery*||Aruba ClearPass (NAC)|
|ASN / Netblock||Email (IronPort)|
|Active Directory*||Apache logs*|
|Asset Database*||API integrations|
|Visa Threat Intel*|
* requires customization
3rd Party API Integrations
Sift Security also provides an easy way to integrate with 3rd party products via APIs. This self service capability enables customers to integrate with 3rd party products. Also, we provide a sample of integrations that work out of the box, such as ServiceNow and Palo Alto Networks. Additional technical documentation and user guides are available upon request.