INTEGRATIONS

NIST National Vulnerability Database — CVE data, CVSS scores, affected products

Exploit Prediction Scoring System — probability of exploitation in the wild

Known Exploited Vulnerabilities catalog — actively exploited CVEs

Common Weakness Enumeration — software weakness classification

Open Source Vulnerabilities — multi-ecosystem vulnerability database

GitHub Security Advisories — reviewed vulnerability database

Cloud-specific vulnerabilities — AWS, Azure, GCP security issues

Adversarial tactics, techniques, and common knowledge framework

Common Attack Pattern Enumeration and Classification

MITRE D3FEND — defensive cybersecurity techniques knowledge graph

Malicious URL database — phishing, malware distribution, and C2 URLs

IOC sharing platform — IPs, domains, URLs linked to malware campaigns

Open Threat Exchange — crowd-sourced threat intelligence and IOCs

IP abuse reporting and blacklist — crowdsourced reputation for malicious IPs

Malware sample repository — hashes, file types, and threat intelligence

Botnet C2 SSL certificate blacklist from abuse.ch

Botnet C2 IP blocklist tracking Feodo, Emotet, and TrickBot

Community-verified phishing URL database

Real-time phishing intelligence and URL feed

IP and domain reputation — spam, malware, and botnet blocklists

Computer Incident Response Center Luxembourg — CVE and vulnerability data

Threat intelligence and IOC feeds for IP, URL, and hash indicators

SANS Internet Storm Center — attack trend data and IP reputation

Actively exploited CVE tracking — real-world exploitation evidence

Microsoft Security Response Center — Patch Tuesday advisories

Cisco security advisories — network infrastructure vulnerabilities

PAN-OS security advisories — firewall and SASE vulnerabilities

Red Hat CVE database — RHSA/RHBA advisories for enterprise Linux

Debian Security Tracker — DSA advisories for all packages

Ubuntu Security Notices — CVE coverage for Ubuntu packages

Alpine SecDB — security database for Alpine packages

FortiGuard security advisories — firewall and SD-WAN vulnerabilities

AWS security bulletins and Amazon Linux package advisories

Rocky Linux security errata — community enterprise Linux advisories

French national CERT advisories and security bulletins

Public exploits and PoCs archive — comprehensive exploit database

Metasploit modules — exploit framework with ready-to-use exploits

ProjectDiscovery scanner templates for vulnerability detection

Proof-of-concept exploits from GitHub repositories

Product lifecycle tracking — EOL dates for 300+ software products

Certificate Transparency log search — SSL/TLS certificate discovery

Shodan InternetDB — fast IP information and open port data

Internet-wide scanning — open ports, banners, and exposed services

Internet host and certificate scanning — attack surface visibility

Amazon GuardDuty threat detection findings and anomalies

Microsoft Azure Policy compliance findings and assessments

Google Cloud SCC findings, misconfigurations, and vulnerabilities

AWS/Azure/GCP security best practices and compliance checks

Infrastructure-as-code security scanning for Terraform, CloudFormation

NIST Cybersecurity Framework — risk management controls and categories

Center for Internet Security benchmarks for secure configuration

Payment Card Industry Data Security Standard requirements

AICPA SOC 2 trust service criteria and controls

Health Insurance Portability and Accountability Act controls

Information security management system controls and clauses

Breaking cybersecurity news, vulnerability disclosures, and threat analysis

Cybersecurity news on vulnerabilities, hacking, and data breaches

In-depth investigative cybersecurity reporting by Brian Krebs

Enterprise cybersecurity analysis, news, and threat intelligence

Cybersecurity news, insights, and analysis for security professionals

Cybersecurity news by Recorded Future — APTs, ransomware, and policy

CISA cybersecurity alerts, advisories, and ICS-CERT publications

Threat intelligence and APT research from CrowdStrike Falcon team

Premier threat intelligence and incident response research by Google

Malware campaigns, zero-day research, and threat intelligence

Palo Alto Networks threat research on APTs, malware, and campaigns

Deep malware analysis, threat hunting, and endpoint security research

Top-tier security commentary and cryptographic analysis by Bruce Schneier

UK National Cyber Security Centre advisories and threat briefings

Qualys VM scan results, asset inventory, and policy compliance

Tenable.io and Nessus scan findings and vulnerability data

Rapid7 InsightVM vulnerability scan results and remediation data

Open-source vulnerability scanner results and CVE mappings

Vulnerability management and appsec orchestration platform findings

Static analysis for security patterns across 30+ languages

GitHub CodeQL — semantic code analysis for security vulnerabilities

Continuous code quality and security analysis platform

Enterprise SAST, DAST, and SCA security testing platform

Open source dependency vulnerabilities and license compliance

SBOM analysis and component vulnerability tracking

Aqua Trivy — comprehensive vulnerability scanner for containers and IaC

Microsoft Defender for Endpoint — alerts, incidents, and device inventory

Palo Alto Cortex XDR — endpoint alerts and investigation data

Open-source XDR and SIEM — security events and compliance

Container and Kubernetes security — image scanning and runtime protection

Container runtime security, compliance, and forensics

Open-source container registry with vulnerability scanning

Internet background noise intelligence — mass scanning and crawling activity

Historical DNS, IP, and domain intelligence data

Agentless network discovery and asset inventory

Azure-native SIEM — security incidents and analytics rule alerts

Splunk SIEM alerts, notable events, and risk-based alerting

IBM QRadar SIEM offenses and correlated security events

Azure AD / Entra identity protection risks and sign-in anomalies

Okta identity security findings, policy violations, and user risks

Privileged access management — account anomalies and policy events

HackerOne vulnerability reports and program disclosures

Bugcrowd platform submissions and researcher findings

Atlassian Jira — vulnerability tickets, security issues, and sprint tracking

ServiceNow ITSM — security incidents, change requests, and CMDB

Linear issues — engineering security tasks and vulnerability remediation

Cloudflare WAF events, bot management, and DDoS protection logs

Snort IDS/IPS — network intrusion detection rules and alerts

Suricata network threat detection engine rules and events