Integrating with Security Tools

Many customers use other security tools alongside Nightfall: SIEMs (e.g. Splunk, Sumo Logic) to aggregate security-related information, and SOARs (e.g. Cortex, Phantom) to orchestrate remediation and response. With Nightfall, you can export historical scan results and automatically push real-time alerts to third-party destinations such as a SIEM. From there, you can use the SIEM's capabilities to aggregate, search, filter, and manage alerts.

Some customers have also used workflow tools (e.g. Zapier) to automate workflows or to manipulate data.

Integrating with SIEM

Creating dashboards for Nightfall alerts in Splunk

Creating dashboards for Nightfall alerts in Sumo Logic

Sending alerts to Microsoft Teams
