Introduction to Integrations

LAST UPDATED: OCTOBER 7, 2025

The following is a list of active integrations currently supported by D3:

Analytics

• Google BigQuery

  

• Grafana

  

• Microsoft Lists

  

• Microsoft Power BI

  

• Snowflake

  

Cloud Services

• WS CloudTrail

  

• AWS CloudWatch

  

• AWS EC2

  

• AWS ECS

  

• AWS EKS

  

• AWS S3

  

• AWS SQS

  

• AWS SSM

  

• Azure Application Gateway

  

• Azure Blob Storage

  

• Azure Network Security Groups

  

• Azure SQL Query

  

• Azure Storage Resource Provider

  

• Azure Traffic Manager

  

• Azure Virtual Machine

  

• Azure Virtual Networks

  

• Google Alert Center

  

• Google Cloud Compute

  

• Google Cloud PubSub

  

• Google Cloud Storage

  

• Google Drive

  

• Google Resource Manager

  

• Google Sheets

  

• Matano

  

• Microsoft Defender for Cloud Apps

  

• Microsoft OneDrive

  

• Wiz

  

Credential Management

• CyberArk Central Credential Provider

  

• D3 General Password Vault

  

• HashiCorp Vault

  

Data Enrichment

• Alexa Rank Indicator

  

• AlienVault OTX

  

• Kaduu.io

  

• MonAPI

  

• Recorded Future-SecurityTrails

  

• SailPoint IdentityIQ

  

• Screenshot Machine

  

• Sucuri SiteCheck

  

• unshorten.me

  

• Webz.io

  

DevOps

• Atlassian Jira Software

  

• AWS ECR

  

• Azure Container Instance

  

• Azure Container Registry

  

• Azure Database for MySQL

  

• Azure Database for PostgreSQL

  

• Azure DevTest Labs

  

• Azure Managed Disk Snapshots

  

• Azure Resource Group

  

• Azure Resource Management

  

• Azure SQL Databases

  

• Docker

  

• Git

  

• GitHub

  

• GitLab

  

• Google Cloud Spanner

  

• Google Kubernetes Engine

  

• MongoDB

  

• Redis

  

Email & Messaging

• Cisco Webex

  

• Everbridge

  

• Gmail

  

• Gmail V2

  

• IMAP

  

• Mattermost

  

• Microsoft 365 Defender (Email & collaboration)

  

• Microsoft Exchange Server

  

• Microsoft Teams

  

• Microsoft Teams Bot Framework

  

• Office 365

  

• Proofpoint Essentials

  

• Slack

  

• SMTP

  

• Telegram

  

• Twilio

  

• Twitter

  

• Zimbra Mail

  

• Zoom

  

Email Security

• Broadcom Symantec Messaging Gateway

  

• Cisco Email Security

  

• Cofense Vision

  

• Cyren Inbox Security

  

• GreatHorn

  

• KnowBe4 PhishER

  

• Mimecast

  

• Perception Point

  

• Proofpoint Protection Server

  

• Trellix FireEye ETP

  

• Trellix FireEye EX

  

Endpoint Security

• Bitdefender GravityZone

  

• Blackberry Cylance Endpoint Security

  

• Broadcom Symantec Endpoint Protection

  

• Cisco Secure Endpoint

  

• CrowdStrike

  

• Crowdstrike Falcon Streaming

  

• CrowdStrike Threat Graph

  

• Cybereason

  

• Cymulate

  

• Darktrace

  

• Deep Instinct

  

• Digital Guardian

  

• Druva Ransomware Response

  

• Fidelis Endpoint

  

• FortiEDR

  

• Harfang Lab EDR

  

• HYAS Protect

  

• Ivanti Service Manager

  

• Mcafee MVISION EDR(Beta)

  

• Microsoft Defender for Endpoint

  

• Microsoft Graph

  

• Microsoft Intune

  

• SentinelOne

  

• SentinelOne Singularity Operations Center

  

• Sophos Central

  

• Sophos Intercept X

  

• Tanium

  

• Trellix FireEye Endpoint Security (HX)

  

• Trellix McAfee ePO

  

• Trellix McAfee MVISION EDR

  

• Trellix McAfee MVISION ePO

  

• Trend Micro Deep Security Manager

  

• Veeam Backup & Replication

  

• VMware Carbon Black Cloud

  

• VMWare Carbon Black Cloud Endpoint Standard

  

• WatchGuard Aether ESM

  

Forensics & Malware Analysis

• Accessdata Quin-C

  

• ANY.RUN

  

• Cisco Secure Malware Analytics

  

• ClamAV

  

• Crowdstrike Falcon Sandbox

  

• Cuckoo Sandbox

  

• Cyber Triage

  

• Datto BitDam

  

• FortiSandbox

  

• Google Rapid Response

  

• Hybrid Analysis

  

• Intezer Analyze

  

• Joe Sandbox

  

• Koodous

  

• OPSWAT SNDBox

  

• Palo Alto Networks WildFire

  

• Recorded Future Hatching

  

• SafeBreach

  

• VMRay Analyzer

  

• VMware ESX (Lastline)

  

Identity & Access Management

• Active Directory

  

• Active Directory V2

  

• Active Role Server

  

• AWS IAM

  

• Azure Active Directory

  

• Azure AD Identity Protection

  

• Azure Key Vault

  

• Azure Key Vault Secret

  

• BeyondTrust Password Safe

  

• Cisco Identity Services Engine

  

• CrowdStrike Discover

  

• CyberArk Privileged Access Manager

  

• CyberArk Privileged Access Security

  

• Duo Admin

  

• Keeper Commander

  

• Okta

  

• Silverfort

  

• Delinea Secret Server

  

IT and Infrastructure

• Atlassian Confluence Cloud

  

• Atlassian Jira Service Management

  

• Atlassian OpsGenie

  

• Automox

  

• BMC Remedy AR

  

• Bonusly

  

• Box

  

• Datto Autotask PSA

  

• Dell Secureworks CTP

  

• EasyVista

  

• Freshdesk

  

• IBM Remedy

  

• Ivanti Cherwell

  

• Kayako Classic

  

• Libre NMS

  

• LogicMonitor

  

• ManageEngine ServiceDesk Plus

  

• ManageEngine ServiceDesk Plus MSP

  

• Monday.com

  

• Monday.com V2

  

• PagerDuty

  

• Request Tracker

  

• RSA Archer

  

• Salesforce

  

• ServiceNow

  

• ServiceNow V2

  

• Sevco Security

  

• Splunk On-Call (VictorOps)

  

• SSH

  

• TheHive (3.x)

  

• VMware vCenter Server

  

• Zendesk

  

ITSM

• ConnectWise PSA

  

• Freshservice

  

• HaloPSA

  

• OneTrust

  

• SharePoint

  

• Vectra AI

  

Network Security

• Akamai WAF

  

• Arista Awake Security

  

• Arkime (Moloch)

  

• Authentic8 Silo

  

• AWS WAF

  

• Azure Load Balancer

  

• Barracuda CloudGen Firewall

  

• Barracuda Email Security Gateway

  

• Barracuda Web Application Firewall

  

• Bricata

  

• Cato Networks

  

• Cato V2

  

• CheckPoint Firewall

  

• Cisco Adaptive Security Appliance

  

• Cisco Firepower

  

• Cisco Meraki

  

• Cisco Secure Cloud Analytics (Stealthwatch Cloud)

  

• Cisco Secure Network Analytics (Stealthwatch)

  

• Cisco Umbrella Cloud Security

  

• Cloudflare

  

• CloudShark

  

• Corelight

  

• Cyber CNS V4

  

• DataDome

  

• ExtraHop Reveal(x) v2

  

• ExtraHop RevealX 360

  

• F5 Application Security Manager (WAF)

  

• F5 BIG-IP Load Balancer

  

• F5 Firewall

  

• Fidelis Elevate Network

  

• Forcepoint

  

• FortiGate

  

• FortiMonitor

  

• Google Cloud DLP

  

• iboss

  

• Imperva Cloud WAF (Incapsula WAF)

  

• Itential Automation Platform

  

• Juniper Networks SRX

  

• Kemp LoadMaster

  

• McAfee Web Gateway

  

• Microsoft Purview Audit

  

• Microsoft Purview Audit alert_v2

  

• Microsoft Purview eDiscovery

  

• Microsoft Purview eDiscovery V2

  

• Netskope v2

  

• Nmap(Network Mapper)

  

• OPSWAT MetaDefender

  

• Palo Alto Networks FireWall

  

• Palo Alto Networks FireWall V7.1

  

• Palo Alto Networks FireWall V10

  

• Palo Alto Networks PAN-OS

  

• pfSense

  

• Prisma Cloud

  

• SCADAfence

  

• Signal Sciences

  

• SonicWall

  

• Sophos XG Firewall v2

  

• Symantec DLP

  

• Team Cymru

  

• Trellix FireEye Network Security (NX)

  

• Trellix McAfee Network Security Manager

  

• Trend Micro Cloud One

  

• Versa SASE (Secure Access Service Edge)

  

• WatchGuard FireBox

  

• Zeek

  

• Zscaler

  

Other

• Acronis

  

• AWS TT

  

• Big Panda

  

• ChatGPT

  

• Checkpoint Avanan

  

• D3 Integration

  

• Google Calendar

  

• Google Gemini

  

• KnowBe4 Security Awareness User Events

  

• Mcafee Database Activity Monitoring

  

• Mimecast API 1.0

  

• NinjaOne RMM

  

• Observe Data Ingestion

  

• Rest Api CallBack

  

• Screenshot API

  

• Stepes Translation

  

• Syslog Sender

  

• Zscaler Workflow Automation

  

Security Optimization Platform

• AttackIQ

  

SIEM & XDR

• AlienVault USM Anywhere

  

• AlienVault USM Central

  

• ArcSight Enterprise Security Manager

  

• ArcSight Logger

  

• AWS Security Hub

  

• Azure REST

  

• Binalyze Air

  

• BluSapphire Intelligent Cyber Defense

  

• Carbon Black Cloud V2

  

• Cisco SecureX

  

• Claroty

  

• ConnectWise SIEM

  

• Coralogix

  

• Cortex XDR

  

• Cortex XSIAM

  

• Cyderes

  

• Cynet 360 AutoXDR

  

• Datadog

  

• Datadog V2

  

• DataSet (Scalyr)

  

• Deep Instinct V2

  

• Dell Secureworks Taegis XDR

  

• Devo Alerts

  

• Devo Query

  

• Elastic Security

  

• Elasticsearch

  

• ESET Protect Cloud

  

• Exabeam Security Operations Platform

  

• Exabeam V2

  

• Expel Workbench

  

• Falcon LogScale (Humio)

  

• Fluency

  

• FortiAnalyzer

  

• FortiSIEM

  

• Google Chronicle

  

• Google Chronicle Rules Engine v1

  

• Google Chronicle Rules Engine v2

  

• Google Chronicle Search API

  

• Google Chronicle Stream Detection v2

  

• Graylog

  

• IBM QRadar

  

• Kaspersky Security Center OpenAPI

  

• LimaCharlie

  

• LogPoint Director

  

• LogRhythm

  

• LogRhythm Axon

  

• LogRhythm Rest

  

• Logz.io

  

• Microsoft 365 Defender

  

• Microsoft Defender for Cloud

  

• Microsoft Sentinel

  

• Proofpoint Targeted Attack Protection

  

• Proofpoint Threat Response

  

• Rapid7 InsightIDR

  

• Rapid7 InsightIDR V2

  

• RSA NetWitness

  

• RSA Netwitness Log Decoder SDK

  

• SaaS Alerts

  

• Security Onion

  

• Securonix

  

• SGBox

  

• Sophos Central V2

  

• Splunk

  

• Splunk v2

  

• Stamus Clear NDR

  

• Stellar Cyber

  

• Stellar Cyber Starlight

  

• Stellar Cyber V2

  

• Sumo Logic Cloud SIEM Enterprise (Sumo Logic CSE)

  

• Sumo Logic V2

  

• Trellix FireEye Helix

  

• Trellix McAfee ESM

  

• Trend Micro Apex Central

  

• Trend Micro Vision One

  

• Trend Vision One v3.0

  

• Wazuh SIEM

  

Threat Intelligence

• AbuseIPDB

  

• AlphaSOC

  

• Anomali ThreatStream

  

• APIVoid

  

• AWS GuardDuty

  

• BrightCloud Threat Intelligence

  

• C2Sec

  

• Censys

  

• CheckPhish

  

• Cisco Umbrella Enforcement

  

• Cisco Umbrella Reporting

  

• CODA Footprint

  

• Cofense Intelligence

  

• Cofense Triage V2

  

• Computer Incident Response Center Luxembourg (CIRCL)

  

• CrowdStrike Falcon Intelligence

  

• CrowdStrike Falcon MalQuery

  

• CTM360

  

• CyberInt

  

• Cybersixgill

  

• CyberTotal

  

• Cyfirma

  

• D3 Tool Kit

  

• DeHashed

  

• Digital Shadows

  

• Digital Shadows Searchlight

  

• DNSLytics

  

• DomainTools

  

• EclecticIQ Platform

  

• Emailrep.IO

  

• Flashpoint Ignite

  

• Flashpoint.io

  

• Google Safe Browsing

  

• GreyNoise

  

• Group IB

  

• Have I Been Pwned?

  

• HYAS Insight

  

• IBM X-Force Exchange

  

• IPinfo.io

  

• IPQualityScore

  

• ipstack

  

• isitPhishing

  

• iZOOLogic

  

• JsonWhois

  

• Kaseya's DarkWebID

  

• Maltiverse

  

• Mandiant

  

• MaxMind

  

• Meta ThreatExchange

  

• Minemeld

  

• MISP

  

• MXToolBox

  

• OpenCTI

  

• OpenCTI v5.12

  

• OpenDXL

  

• Openphish

  

• Outpost24 Blueliv Threat Compass

  

• Outpost24 Blueliv Threat Context

  

• Palo Alto Autofocus

  

• Phishlabs Case

  

• Phishlabs Feed

  

• PhishTank

  

• Proofpoint Emerging Threats Intelligence

  

• Pulsedive

  

• Recorded Future

  

• RiskIQ PassiveTotal

  

• Shodan

  

• Silent Push

  

• SOCRadar Threat Analysis

  

• SOC Radar Incident V3

  

• Spamhaus

  

• TAXII 2 Threat Feed

  

• ThinkstCanary

  

• ThreatFox

  

• ThreatMiner

  

• ThreatQuotient

  

• Threatray

  

• ThreatWorx

  

• Trellix FireEye CM

  

• Trellix FireEye Feed

  

• Trellix McAfee Advanced Threat Defense

  

• URL2PNG

  

• URLhaus

  

• urlscan.io

  

• VirusTotal

  

• VirusTotal v3

  

• WhatIsMyBrowser.com

  

• WHOISIQ

  

• WhoisXML API

  

• YETI

  

• ZeroFox

  

Vulnerability Management

• cve-search

  

• CYRISMA

  

• Digital Defense Frontline Vulnerability Manager

  

• IBM BigFix

  

• Kenna Security

  

• Nucleus Security

  

• Qualys

  

• Qualys Cloud Agent

  

• Rapid7 InsightVM

  

• Rapid7 InsightVM Cloud

  

• Tenable Security Center

  

• Tenable.io

  

• Tenable.sc

  

• Vulcan Cyber

  

• VulDB V2