PARTNER INTEGRATION

ZeroFox

Visit their site

ZeroFox provides enterprises AI-powered protection, intelligence and disruption to identify and dismantle external threats across the public attack surface. The ZeroFox Platform combines advanced AI-driven analysis to detect complex threats on the surface, deep and dark web, fully managed threat intelligence services with threat analysts that become an extension of your team, and automated remediation to effectively disrupt threats.

Integrated Dataminr Products
Agentic Threat Intelligence Platform
Investigation Insights

ZeroFox Alerts

The Dataminr integration with ZeroFOX allows Dataminr customers to import threat-related alerts along with all of their context from the ZeroFOX platform into Dataminr. Within ZeroFox, an alert provides information about a potential threat to an entity: an executive, a domain, or a location, to help analyze social-media-based threat indicators such as profiles, pages, posts, and comments from a number of different sources.

This integration is available for download on the Dataminr Marketplace.

ZeroFox Domains

The Dataminr integration with ZeroFOX allows Dataminr customers to import threat intelligence domain feeds from ZeroFOX into Dataminr. This integration is available for download on the Dataminr Marketplace.

ZeroFox Key Incidents

This ZeroFox integration with Dataminr allows Dataminr users to import Key Incidents along with all of their context from the ZeroFox platform into Dataminr.

The ZeroFox Key Incidents integration is a Threat Intelligence Feed type of integration that can be enabled as a standalone job or using Dataminr’s Feed Deployer, which adds the feed to your current list of Intelligence sources. Through each integration job, ZeroFox Key Incidents are imported as Incident Groups to the Dataminr platform.

This integration is available for download on the Dataminr Marketplace.

ZeroFox Threat Intelligence

This ZeroFox integration with Dataminr allows Dataminr users to import threat intelligence data along with all of their context from the ZeroFox platform into Dataminr.

The ZeroFox ThreatIntel integration is a Threat Intelligence Feed that can be enabled as a standalone job or using Dataminr’s Feed Deployer, which adds the feed to your current list of Intelligence sources.

The ZeroFox ThreatIntel app can leverage multiple threat intelligence endpoints to ingest data into the Dataminr platform, depending on the user’s access and scope within the ZeroFox ThreatIntel API.

Available endpoints include:

  • Botnet
  • Disruption
  • Exploits
  • Vulnerabilities
  • C2 Domains
  • Phishing
  • Malware
  • Ransomware
  • Email
  • Compromised Credentials

LookingGlass scoutPRIME with Investigation Insights

The Investigation Insights – scoutPRIME integration quickly searches scoutPRIME’s API for threat intelligence related to different indicators. With the Investigation Insights – scoutPRIME integration, analysts can quickly triage if an indicator poses a threat to them or their environments.

Examples

scoutPRIME Data Overview

  • Summary Tags: When running a search in scoutPRIME, analysts will be immediately able to tell how risky it is viewed within scoutPRIME.
  • Overview: When drilling into the details of the scoutPRIME integration, analysts will be able to quickly get a high level overview of the indicator, learning information about when it was active, associated risks and more.
  • Additional Sources: Analysts will also be able to see the associated sources that derived the score and information in scoutPRIME.

Looking for Integration Not Shown

Contact Us