Automation / Response

Reduce response time by automating the analyst process, better TCO

Integrate with ecosystem products across the enterprise to automate the investigation, response and mitigation process.

DNIF logo icon
Integrate

Working with API Plugins

Easy integrations with third party APIs and applications to enable seamless workflows and automated threat intelligence

Comprehensive API framework to leverage third-party APIs on the platform

Open APIs allowing users to leverage DNIF with third-party applications for an effective bi-directional integration

Native support for STIX/TAXII protocols for automated Threat Intelligence integration

Easy to deploy plugins to create one command integration of wide variety of applications and SaaS services

Working with API plugins
Workflows and Playbooks
Automate

Workflows and Playbooks

Automate enrichment, investigation and enable easy decision making by using DNIF Query Language to deliver efficient use of API.

Uniform DQL syntax to deliver efficient use of API calls across a wide range of use-cases

Automated investigations using lookups as a part of alert investigation playbooks

GUI-based mechanism to visualize and create workflows for different investigation scenarios

Create automated enrichment of alerts by standardizing default lookups

Monitor

Monitoring Integrations

Ensure effective functioning of API based integrations with constant monitoring of the API plugins.

Integrated security mechanism to ensure authentication of API calls

Detailed audit logs for API calls to monitor success / failure of API calls and ensuring compliance reporting

Periodic scheduled health check of API plugins to validate effective working of plugins and alerting for plugin issues

Monitoring Integrations
Out of the Box Integrations
Integrate

Out-of-the-box Integrations

Get out-of-the-box integrations and ready to use playbooks to cover a wide spectrum of cyber security use cases.

Out-of-the-box integrations with host of Open source and commercial threat intelligence & GeoIP feed providers

Out-of-the-box integrations with host of commercial security control systems for automated remediation

Ready to use playbooks covering a wide spectrum of cybersecurity use-cases