Introduction to Integrations

LAST UPDATED: JUNE 2, 2025

The following is a list of active integrations currently supported by D3:

Analytics

Google BigQuery
Grafana
Microsoft Lists
Microsoft Power BI
Snowflake

Cloud Services

AWS CloudTrail
AWS CloudWatch
AWS EC2
AWS ECS
AWS EKS
AWS S3
AWS SQS
AWS SSM
Azure Application Gateway
Azure Blob Storage
Azure Network Security Groups
Azure SQL Query
Azure Storage Resource Provider
Azure Traffic Manager

Azure Virtual Machine
Azure Virtual Networks
Google Alert Center
Google Cloud Compute
Google Cloud PubSub
Google Cloud Storage
Google Drive
Google Resource Manager
Google Sheets
Matano
Microsoft Defender for Cloud Apps
Microsoft OneDrive
Wiz

Credential Management

Data Enrichment

Alexa Rank Indicator
AlienVault OTX
Kaduu.io
MonAPI
Recorded Future-SecurityTrails

SailPoint IdentityIQ
Screenshot Machine
Sucuri SiteCheck
unshorten.me
Webz.io

DevOps

Atlassian Jira Software
AWS ECR
Azure Container Instance
Azure Container Registry
Azure Database for MySQL
Azure Database for PostgreSQL
Azure DevTest Labs
Azure Managed Disk Snapshots
Azure Resource Group
Azure Resource Management

Azure SQL Databases
Docker
Git
GitHub
GitLab
Google Cloud Spanner
Google Kubernetes Engine
MongoDB
Redis

Email & Messaging

Email Security

Broadcom Symantec Messaging Gateway
Cisco Email Security
Cofense Vision
Cyren Inbox Security
GreatHorn
KnowBe4 PhishER

Mimecast
Perception Point
Proofpoint Protection Server
Trellix FireEye ETP
Trellix FireEye EX

Endpoint Security

Bitdefender GravityZone
Blackberry Cylance Endpoint Security
Broadcom Symantec Endpoint Protection
Cisco Secure Endpoint
CrowdStrike
CrowdStrike Falcon
Crowdstrike Falcon Streaming
CrowdStrike Threat Graph
Cybereason
Cymulate
Darktrace
Deep Instinct
Digital Guardian
Druva Ransomware Response
Fidelis Endpoint

FortiEDR
Harfang Lab EDR
HYAS Protect
Ivanti Service Manager
Mcafee MVISION EDR(Beta)
Microsoft Defender for Endpoint
Microsoft Graph
Microsoft Intune
SentinelOne
SentinelOne Singularity Operations Center
Sophos Central
Sophos Intercept X
Tanium
Trellix FireEye Endpoint Security (HX)
Trellix McAfee ePO

Trellix McAfee MVISION EDR
Trellix McAfee MVISION ePO
Trend Micro Deep Security Manager
Veeam Backup & Replication
VMware Carbon Black Cloud
VMWare Carbon Black Cloud Endpoint Standard
WatchGuard Aether ESM

Forensics & Malware Analysis

Accessdata Quin-C
ANY.RUN
Cisco Secure Malware Analytics
ClamAV
Crowdstrike Falcon Sandbox
Cuckoo Sandbox
Cyber Triage
Datto BitDam
FortiSandbox
Google Rapid Response

Hybrid Analysis
Intezer Analyze
Joe Sandbox
Koodous
OPSWAT SNDBox
Palo Alto Networks WildFire
Recorded Future Hatching
SafeBreach
VMRay Analyzer
VMware ESX (Lastline)

Identity & Access Management

Active Directory
Active Directory V2
Active Role Server
AWS IAM
Azure Active Directory
Azure AD Identity Protection
Azure Key Vault
Azure Key Vault Secret
BeyondTrust Password Safe

Cisco Identity Services Engine
CrowdStrike Discover
CyberArk Privileged Access Security
Duo Admin
Keeper Commander
Okta
Silverfort
Thycotic Secret Server

IT and Infrastructure

Atlassian Confluence Cloud
Atlassian Jira Service Management
Atlassian OpsGenie
Automox
BMC Remedy AR
Bonusly
Box
Datto Autotask PSA
Dell Secureworks CTP
EasyVista
Freshdesk
IBM Remedy

Ivanti Cherwell
Kayako Classic
Libre NMS
LogicMonitor
ManageEngine ServiceDesk Plus
ManageEngine ServiceDesk Plus MSP
Monday.com
Monday.com V2
PagerDuty
Request Tracker
RSA Archer
Salesforce

ServiceNow
ServiceNow V2
Sevco Security
Splunk On-Call (VictorOps)
SSH
TheHive (3.x)
VMware vCenter Server
Zendesk

ITSM

ExtraHop Reveal(x) v2
F5 Application Security Manager (WAF)
F5 BIG-IP Load Balancer
F5 Firewall
Fidelis Elevate Network
Forcepoint
FortiGate
FortiMonitor
Google Cloud DLP
Imperva Cloud WAF (Incapsula WAF)
Itential Automation Platform
Juniper Networks SRX
Kemp LoadMaster
McAfee Web Gateway
Microsoft Purview Audit
Microsoft Purview Audit alert_v2
Microsoft Purview eDiscovery
Microsoft Purview eDiscovery V2
Netskope v2
Nmap(Network Mapper)
OPSWAT MetaDefender
Palo Alto Networks FireWall
Palo Alto Networks FireWall V7.1

Palo Alto Networks FireWall V10
Palo Alto Networks PAN-OS
pfSense
Prisma Cloud
SCADAfence
Signal Sciences
SonicWall
Sophos XG Firewall v2
Symantec DLP
Team Cymru
Trellix FireEye Network Security (NX)
Trellix McAfee Network Security Manager
Trend Micro Cloud One
Versa SASE (Secure Access Service Edge)
WatchGuard FireBox
Zeek
Zscaler

Other

Acronis
AWS TT
Big Panda
ChatGPT
Checkpoint Avanan
D3 Integration
Google Calendar
Google Gemini
KnowBe4 Security Awareness User Events

Mcafee Database Activity Monitoring
Mimecast API 1.0
NinjaOne RMM
Observe Data Ingestion
Rest Api CallBack
Screenshot API
Stepes Translation
Syslog Sender
Zscaler Workflow Automation

Security Optimization Platform

AttackIQ

SIEM & XDR

AlienVault USM Anywhere
AlienVault USM Central
ArcSight Enterprise Security Manager
ArcSight Logger
AWS Security Hub
Azure REST
Binalyze Air
BluSapphire Intelligent Cyber Defense
Carbon Black Cloud V2
Cisco SecureX
Claroty
ConnectWise SIEM
Coralogix
Cortex XDR
Cortex XSIAM
Cynet 360 AutoXDR
Datadog
Datadog V2
DataSet (Scalyr)
Deep Instinct V2
Dell Secureworks Taegis XDR
Devo Alerts
Devo Query
Elastic Security
Elasticsearch
ESET Protect Cloud

Exabeam Security Operations Platform
Exabeam V2
Expel Workbench
Falcon LogScale (Humio)
Fluency
FortiAnalyzer
FortiSIEM
Google Chronicle
Google Chronicle Rules Engine v1
Google Chronicle Rules Engine v2
Google Chronicle Search API
Google Chronicle Stream Detection v2
Graylog
IBM QRadar
Kaspersky Security Center OpenAPI
LimaCharlie
LogPoint Director
LogRhythm
LogRhythm Axon
LogRhythm Rest
Logz.io
Microsoft 365 Defender
Microsoft Defender for Cloud
Microsoft Sentinel

Proofpoint Targeted Attack Protection
Proofpoint Threat Response
Rapid7 InsightIDR
Rapid7 InsightIDR V2
RSA NetWitness
RSA Netwitness Log Decoder SDK
SaaS Alerts
Security Onion
Securonix
SGBox
Sophos Central V2
Splunk
Splunk v2
Stamus Clear NDR
Stellar Cyber
Stellar Cyber Starlight
Stellar Cyber V2
Sumo Logic Cloud SIEM Enterprise (Sumo Logic CSE)
Sumo Logic V2
Trellix FireEye Helix
Trellix McAfee ESM
Trend Micro Apex Central
Trend Micro Vision One
Trend Vision One v3.0
Wazuh SIEM

Threat Intelligence

AbuseIPDB
AlphaSOC
Anomali ThreatStream
APIVoid
AWS GuardDuty
BrightCloud Threat Intelligence
C2Sec
Censys
CheckPhish
Cisco Umbrella Enforcement
Cisco Umbrella Reporting
CODA Footprint
Cofense Intelligence
Cofense Triage V2
Computer Incident Response Center Luxembourg (CIRCL)
CrowdStrike Falcon Intelligence
CrowdStrike Falcon MalQuery
CTM360
CyberInt
Cybersixgill
CyberTotal
Cyfirma
D3 Tool Kit
DeHashed
Digital Shadows
Digital Shadows Searchlight
DNSLytics
DomainTools
EclecticIQ Platform

Emailrep.IO
Flashpoint Ignite
Flashpoint.io
Google Safe Browsing
GreyNoise
Group IB
Have I Been Pwned?
HYAS Insight
IBM X-Force Exchange
IPinfo.io
IPQualityScore
ipstack
isitPhishing
iZOOLogic
JsonWhois
Maltiverse
Mandiant
MaxMind
Meta ThreatExchange
Minemeld
MISP
MXToolBox
OpenCTI
OpenCTI v5.12
OpenDXL
Openphish
Outpost24 Blueliv Threat Compass
Outpost24 Blueliv Threat Context
Palo Alto Autofocus
Phishlabs Case
Phishlabs Feed
PhishTank
Proofpoint Emerging Threats Intelligence

Pulsedive
Recorded Future
RiskIQ PassiveTotal
Shodan
SOCRadar Threat Analysis
SOC Radar Incident V3
Spamhaus
TAXII 2 Threat Feed
ThinkstCanary
ThreatFox
ThreatMiner
ThreatQuotient
Threatray
ThreatWorx
Trellix FireEye CM
Trellix FireEye Feed
Trellix McAfee Advanced Threat Defense
Trend Micro Apex Central
URL2PNG
URLhaus
urlscan.io
VirusTotal
VirusTotal v3
WhatIsMyBrowser.com
WHOISIQ
WhoisXML API
YETI
ZeroFox

Vulnerability Management

cve-search
CYRISMA
Digital Defense Frontline Vulnerability Manager
IBM BigFix
Kenna Security
Nucleus Security
Qualys

Analytics

Cloud Services

Credential Management

Data Enrichment

DevOps

Email & Messaging

Email Security

Endpoint Security

Forensics & Malware Analysis

Identity & Access Management

IT and Infrastructure

ITSM

Network Security

Other

Security Optimization Platform

SIEM & XDR

Threat Intelligence

Vulnerability Management