Alliances | RiskIQ

RiskIQ Technology Partners and Alliances

Powerful Integrations that Extend Your Reach

Technology Alliances

 
RiskIQ’s technology partners and alliances build on RiskIQ products and solutions to help you get even more value from your security infrastructure. The ecosystem of complementary technologies and services provided by our partners help customers gain better security, optimize staff resources, and maximize the value of technology investments.

Get to know RiskIQ

Global Browser Blacklists

Google Safe Browsing

When RiskIQ crawls websites and confirms a page to be phishing or hosting malware, we provide these URLs directly to Google for inclusion in Google Safe Browsing. Google Safe Browsing is blacklist of URLs which host malware or phishing content, and if a user of one of those web browsers attempts to visit a blacklisted URL, they are presented with a warning page informing them of the impending threat if they proceed.

Microsoft SmartScreen

When RiskIQ crawls a website and confirms that the page is hosting malware or phishing, we provide the URL of the page to Microsoft for automatic blocking to its web browsers through Microsoft SmartScreen. Microsoft SmartScreen prevents users of Microsoft Internet Explorer and Edge from visiting websites with phishing content or malware.

SIEM

Splunk

RiskIQ’s Splunk App brings the power of data sets collected from internet scanning directly to your Splunk instance. This application leverages your existing PassiveTotal account and our API in order to bring in data like passive DNS, WHOIS, passive SSL, host attributes and more.

QRadar

The RiskIQ App for IBM QRadar brings data sets from internet scanning and threat intelligence directly to your QRadar instance. Without leaving QRadar, you can investigate infrastructure found within your logs, automatically triage offenses based on verified intelligence, and create rules based on data stored within the PassiveTotal platform.

Threat Intelligence

Flashpoint Intel

Flashpoint deep and dark web data can be integrated into RiskIQ External Threats to create events on the appearance of keywords relating to your business, brand, or key employees on the dark web. Searching for threats across all digital channels and across all corners of the web enables organizations to have comprehensive visibility and threat management workflows for both RiskIQ and Flashpoint customers.

ThreatQuotient

ThreatQ is an open and extensible threat intelligence platform (TIP) to provide defenders the context, customization, and collaboration needed for increased security effectiveness and efficient threat operations and management. The ThreatQ platform integrates RiskIQ PassiveTotal data to enrich domains and IP addresses with tags, malicious disposition and other metadata from PassiveTotal, along with passive DNS data to query for a domain or IP addresses’ historical record.

Security Orchestration & Automation

Phantom

With Phantom, you can automate tasks, orchestrate workflows, and support a broad range of SOC functions including event and case management, collaboration, and reporting. Phantom Playbooks can utilize RiskIQ PassiveTotal data via the RiskIQ API to automate security processes such as understanding tags associated with infrastructure and then performing blocking or restriction actions on other technologies like endpoint protection, firewalls, proxies, and more.

Demisto

Demisto orchestrates security to make Security Operation Center (SOC) teams more efficient and smarter. Its comprehensive platform combines automation, incident management, and interactive investigation into a seamless experience to reduce MTTR for every incident. Users can leverage the multi-source threat intelligence capabilities of RiskIQ PassiveTotal with the security orchestration and automation features of Demisto Enterprise for repeatable and scalable incident response that coordinates across different security measures.

Powered by RiskIQ

WhiteHat Discovery

WhiteHat Discovery utilizes RiskIQ Digital Footprint Snapshot technology to provide coverage and visibility into assets that require monitoring outside the safety of the firewall. This intelligence, combined with WhiteHat’s vulnerability management and application security and testing allows DevSecOps teams to ensure they have their assets and apps covered from a security standpoint.

Integrations and Memberships

To learn more about RiskIQ and SIEM, click to get this tech note.

Proud Member

     

M3AAWG logo

Get the Analyst Report

Ovum Research: RiskIQ provides external digital threat defense—learn how RiskIQ helps businesses see, manage, and mitigate web, social, and mobile threats.