Digital Threat Management Interoperability for Security Tools | RiskIQ

Interoperability

Enhance Your Existing Security Solutions With RiskIQ

Easily Integrate RiskIQ Into Your Existing Security Stack

As a cybersecurity company, we understand the trade off that may be required between getting access to more data and the overhead needed to integrate new security tools into existing processes.

Because of this, we have built our products to work well with many existing tools and processes. Learn how you can integrate RiskIQ intelligence and data directly into your security stack.

Out-of-the-Box Integrations

Out-of-the-box integrations

Every security organization already has tens or hundreds of security tools to help defend themselves against attackers. RiskIQ’s industry-leading threat intelligence and data sets were built to be extensible through many of the tools that exist today, including out-of-the-box integrations with IBM QRadar and Splunk.

        

RiskIQ is an official contributor to Splunkbase, IBM Security App Exchange, the IBM Ready for Security Intelligence Alliance program, and IBM X-Force Exchange.

BI-DIRECTIONAL REST API

Bi-Directional REST API

For organizations with an established security management toolset or custom-built systems, RiskIQ provides access to our data via a REST API. With registered API access, organizations can access the data programmatically at scale directly through their own security platforms.

Threat Intelligence

Threat Intelligence

The RiskIQ platform unifies threat research data sets like passive DNS, current and historical WHOIS information, SSL certificate information, and additional components of website metadata that can connect threat infrastructure. This improves analyst’s mean-time-to-response and proactive defenses. Access to this data can be provided through the RiskIQ user interface or via API integration with existing security tools.

SIEM Tools

SIEM Tools

The RiskIQ platform provides the enrichment necessary to help analysts using a SIEM to make intelligent, informed decisions about alerts and cybersecurity events. The deep context RiskIQ provides about infrastructure outside the firewall is critical to prioritizing an event as a threat or dismissing it as a false positive. The platform, data sets, and intelligence improves the efficiency of security and analyst teams and reduces their mean time to remediation (MTTR).

Vulnerability and Asset Management Applications

Asset Vulnerability Management

RiskIQ technology scans the entire internet to discover publicly accessible assets that belong to you, as well as digital assets across your customer and partner networks that tie back to your digital identity. These assets may include connected devices, domains, IP blocks, name servers, and web servers. The RiskIQ platform provides information about the asset’s status, components, and ownership details to provide guidance when remediating new vulnerabilities as they’re discovered.

Governance, Risk, and Compliance (GRC) Solutions

Governance, Risk, and Compliance (GRC)

The cornerstone of most security frameworks is a complete, up-to-date inventory of all assets that belong to your organization, along with reporting of the status, patch level, and ownership details of those assets. RiskIQ’s proprietary discovery technology automatically identifies and indexes company-owned digital assets—including shadow IT, third-party code, and component relationships and dependencies between assets.

Email Security Tools

Email Security

RiskIQ automates many of the currently manual processes for email security programs. RiskIQ can bring in full emails from corporate or customer abuse boxes and automatically crawl the pages to verify phishing, scams, or malware, then automatically submit these items for takedown or blocking through Google Safe Browsing and Microsoft SmartScreen. This dramatically increases efficiency and improves security for your employees and customers.