List of Google TI Integrations
Google Threat Intelligence is the richest and most actionable crowdsourced threat intelligence suite. More than 3.6M users a month and tens of thousands of organizations world-wide rely on its threat reputation and context to be safer. Its popularity is such that most 3rd-party security technologies have built off-the-shelf turnkey integrations with our API, powering use cases such as automatic alert triage, event enrichment, false positive discarding, 2nd opinion detection and other threat detections and response flows. Some (not all) of these ubiquitous integrations are listed below, if you would like to ask about some other product or add an entry to this listing please do not hesitate to contact us.
SOAR Platforms
Palo Alto Cortex XSOAR (Demisto)
š See content packs
š Integrating Cortex XSOAR and VirusTotal for maximum incident response and investigation
šŗ Cortex XSOAR VirusTotal Livehunt threat feeds
ā¹ļø Build a champion SOC with VirusTotal and Palo Alto Cortex XSOAR
Splunk SOAR (Phantom)
š Download the integration in Splunkbase
š Learn about the integration in the official Splunk documentation site
šŗ Create playbooks using VirusTotal enrichment
ā¹ļø Import a playbook example to enrich your indicators
Chronicle SOAR (Siemplify)
š Add VirusTotal from your Chronicle SOAR Integration Marketplace
š Learn about the integration in the official Chronicle SOAR documentation site
šŗ Create playbooks using VirusTotal enrichment
Swimlane
š Download the VirusTotal plugin from Swimlane's Apphub
š Understand the plugin from the official documentation
šŗ Watch how VirusTotal leverages your Swimlane experience!
ServiceNow
š Download the VirusTotal integration from the ServiceNow store
š Set up the VirusTotal integration and start enriching with Threat Intelligence
šŗ In this recording you can find the steps to set VirusTotal up in ServiceNow
IBM Qradar SOAR (Resilient)
š Download from IBM's App Exchange
š Improve your playbooks following the official documentation
Exabeam
š Improve your Incident Response with the VirusTotal integration
Logpoint SOAR
š Configure the VirusTotal integration in your Logpoint instance
š Check some playbook examples using VT such as email investigation or phishing response
Securonix SOAR
š Automate secops connecting the VirusTotal integration
Rapid7 InsightConnect
š Install the VirusTotal and VirusTotal YARA extensions to improve and automate your detection
š Empower your playbooks using VirusTotal intelligence
TheHive
š Cortex analyzer allowing you to enrich and scan any IoC kind
Fortinet FortiSOAR
š See VirusTotal standard connector
š See VirusTotal Premium connector
š Read the pertinent connector documentation.
šŗ See how VirusTotal can supercharge phishing response in conjunction with FortiSOAR.
SIEM/XDR/TDR/Security Analytics Platforms
Chronicle
š Contact us to empower Chronicle with VirusTotal Intelligence
š Learn about the advantages of combining Chronicle and VirusTotal
Google Threat Intelligence for Splunk, the official Google TI Splunk Integration
š Start unearthing threats, vulnerabilities and Threat Actors from your Splunk events
š Learn about the insights VT4Splunk is going to bring to your Splunk
šŗ Watch how to set it up and how it looks
Microsoft Sentinel
š Activate the VirusTotal connector from the Sentinel marketplace
š Check what the VirusTotal connector is capable of
šŗ Create playbooks using VirusTotal reports
ā¹ļø Automate your Sentinel incident triage
Palo Alto Cortex XDR
š Configure the VirusTotal Threat Intel integration following the official guide
š Investigate Incident key assets and artifacts
Cisco SecureX
š Follow these steps to integrate VT with SecureX
šŗ Start enriching your indicators with VirusTotal
IBM Qradar
š Get the latest VT Integration for Qradar from IBM's App Exchange
š Enrich your IOCs in Qradar following the official documentation
Securonix Snypr
š Contact us to get an API key to configure automatic response with VirusTotal
š Run enhanced playbooks
Logpoint
š Configure the VirusTotal integration in your Logpoint instance
š Enhance your threat hunting with VirusTotal + Logpoint
Wazuh
š Follow these steps to configure the VT integration
š Learn how the VirusTotal integration can be used for scanning files
ā¹ļø Detect and remove malware
Fortinet FortiSIEM
š Follow these steps to configure the VT integration
EDRs / EPPs / Nextgens / AVs / Endpoint Agents
Crowdstrike
š Get the official VirusTotal integration!
š Understand how VirusTotal enhances your experience in Crowdstrike
šŗ Watch how to augment your Incident Response
ā¹ļø Use VirusTotal to automate your SOC workflow
McAfee / Trellix
š Create and import a malicious file hash feed
š Enhance your Threat Intelligence Exchange server with VirusTotal enrichment
Symantec
š When investigating a file, send it to VirusTotal to gather context
šŗ Watch how to use VirusTotal as a second opinion
Tanium
š Overlay IoC reputation for processes and other artifacts recorded by Tanium
šŗ Watch how to identify risk in your Enterprise by checking Tanium data against VirusTotal
TIP Platorms
MISP
š Get the VirusTotal import module
š Check how to export and import VT Collections to MISP to empower your investigation!
Anomali Threatstream
š Find the VirusTotal threat analysis tool in Anomali's marketplace
š Learn how to set the VT integration up and what capabilities it offers
Email gateways / Mailbox defense / Phishing email analysis
KnowBe4 Phisher
š Enhance your phishing protection with VirusTotal
Proofpoint
š Follow the guide to automate your Incident Response with VirusTotal
SASE / Secure DNS
Cloudflare One
š Use threat intelligence from VirusTotal to create rules within Cloudflare products
Zscaler
š Follow these simple steps and enrich your logs
Network perimeter
Broadcom Content Analysis
š Supercharge malware analysis by activating the VirusTotal service
Forensics
EnCase
š Generate hash values for all tagged files and send the hash value to VirusTotal for scoring
Productivity Suites
Google Workspace Alert Center
š View VirusTotal reports from the alert center
š Check how VirusTotal enriches your alerts
ā¹ļø Gmail events are also enriched with VirusTotal!
Is your platform missing?
This list is not exhaustive, contact us to see if we support it or check VT4Browsers, our pragmatic browser extension that will enrich every indicator displayed in any platform!
Updated 16 days ago