Technology Ecosystem Integrations
Ziften’s Open Visibility is not just a set of point-integrations, but a holistic strategy designed to maximize the value of the entire security stack. Leveraging best-of-breed technologies, Ziften provides integrations with firewall, NetFlow, SIEM, proxy, DNS, ticketing systems, and other security solutions to support enterprise teams with deep endpoint analysis and drill-down visibility for actionable, automated response.
AlienVault’s mission is to enable organizations with limited resources to accelerate and simplify their ability to detect and respond to the growing landscape of cyber threats. As an AlienVault Open Threat Exchange (OTX) Partner, Ziften utilizes AlienVault’s intelligence to deliver immediate threat visibility from the endpoint to the network for a secure environment.
Blue Coat is a leader in enterprise security, providing on-premise, hybrid, and cloud-based solutions for protecting web connectivity, combating advanced threats and responding to security breaches. Ziften integrates with and extends both the Blue Coat Security Analytics platform as well as the Malware Analysis Appliance (MAA) with real-time endpoint visibility and rich context.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time.
Fortinet’s fast, secure, and global cyber security solutions provide broad, high-performance protection against dynamic security threats while simplifying the IT infrastructure. Combined with Ziften’s endpoint intelligence and rich network context, the solutions protect both your network and endpoints while powering bi-directional adaptive response to threats within an environment.
Lancope is a leading provider of network visibility and security intelligence to protect enterprises against today’s top threats. Combining the network visibility provided by Lancope’s StealthWatch system with the endpoint visibility of Ziften, organizations are able to have complete context around user and system behavior in order to detect and respond to hostile activities immediately.
Palo Alto Networks
Palo Alto Networks is the next-generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for tens of thousands of organizations worldwide. Ziften’s endpoint visibility helps provide context behind the network activity observed on Palo Alto firewalls. Ziften also integrates with Palo Alto WildFire, extending WildFire’s malware analysis capabilities into the endpoint for all binaries, regardless of how they entered the system (USB, on-network, off-network).
ReversingLabs solutions provide enterprises and security vendors a foundation for protecting digital assets. Ziften integrates with ReversingLabs’ TitaniumCloud File Reputation Services to provide real-time analysis and visibility for threats within your environment. Ziften complements ReversingLabs’ threat analysis capabilities by providing real-time access to files from endpoints, regardless of how they entered the system (USB, on-network, or off-network).
ServiceNow is a leading provider of cloud-based services that automate enterprise IT operations. Through the integration with ServiceNow, Ziften enables users to deliver visibility to key stakeholders in your organization through real-time incident creation.
Ziften is a founding member of the Splunk Adaptive Response Initiative, combining endpoint visibility and intelligence with real-time threat response. The Ziften App for Splunk combines native integration of comprehensive endpoint visibility with threat feeds and network intelligence for an end-to-end view of indicators of compromise.