Supported Integrations

Samurai Integrations facilitate the ingestion of data sources from a wide range of third-party vendors. Our Integrations are updated regularly as new and emerging technologies are released.

Each Integration typically requires a configuration guide outlining the steps you must follow to integrate your data source with the Samurai platform.

For details such as transport methods and logs collected, please refer to the relevant vendor configuration guide by clicking the link in the table or browsing directly to Product Integration Guides.

All supported integrations are categorized according to our Detection Categorization. For further information, refer to the following article: Telemetry Data Source Categorization.

Available configuration guides

| Vendor | Product | Detection Category |
| --- | --- | --- |
| Amazon Web Services | CloudTrail | Detection |
| Amazon Web Services | Virtual Private Cloud (VPC) Flow Logs | Detection |
| Apache | HTTP Server | Enrichment |
| Aruba Networks | ClearPass | Enrichment |
| Blackberry (Cylance) | Cylance PROTECT | Enrichment |
| Check Point | Next-Generation Firewall | Foundation |
| Cisco | IOS Routers & Switches | Enrichment |
| Cisco | Identity Services Engine (ISE) | Enrichment |
| Cisco | Meraki MX Security Appliances | Detection |
| Cisco | Secure Endpoint | Foundation |
| Cisco | Secure Firewall (ASA Appliances) | Foundation |
| Cisco | Secure Firewall (Firepower Threat Defense) | Foundation |
| Cisco | Umbrella | Foundation |
| Citrix | Netscaler | Enrichment |
| Claroty | Continuous Threat Detection (CTD) | Foundation |
| Claroty | xDome | Detection |
| Crowdstrike | Falcon Insight | Foundation |
| Cyber-Ark | Privileged Access Security (PAS) | Enrichment |
| ESET | Protect | Detection |
| F5 | BIG-IP Load Traffic Manager (LTM) | Detection |
| Fortinet | FortiAnalyzer | Foundation |
| Fortinet | FortiGate Next-Generation Firewall | Foundation |
| Fortinet | FortiWeb Web Application Firewall | Detection |
| GestioIP | IP Address Management (IPAM) | Enrichment |
| Google | Workspace | Enrichment |
| InfoBlox | DDI | Detection |
| Linux | Authentications Logs | Enrichment |
| Microsoft | Azure Application Gateway | Detection |
| Microsoft | Azure Activity Logs | Enrichment |
| Microsoft | Azure Firewall | Detection |
| Microsoft | Azure Virtual Networks (NSG Flow) | Enrichment |
| Microsoft | Defender for Endpoint | Foundation |
| Microsoft | Defender Advanced Hunting | Foundation |
| Microsoft | Entra ID | Enrichment |
| Microsoft | Graph Security | Detection |
| Microsoft | Internet Information Services (IIS) | Detection |
| Microsoft | Office 365 | Enrichment |
| Microsoft | DHCP Server | Enrichment |
| Microsoft | DNS Server | Detection |
| Microsoft | Windows Event Log | Enrichment |
| Okta | Workforce Identity Cloud | Enrichment |
| Palo Alto Networks | Cortex XDR Pro | Foundation |
| Palo Alto Networks | Next Generation Firewall | Foundation |
| Palo Alto Networks | Panorama | Foundation |
| PowerDNS | Recursor | Detection |
| ProofPoint | Targeted Attack Protection | Detection |
| Samba | Samba Active Directory | Enrichment |
| Squid | Squid Cache | Foundation |
| Sophos | Sophos Central (Intercept X) | Detection |
| Trellix | Endpoint Security (ENS) | Foundation |
| Trellix | Endpoint Security (HX) | Foundation |
| Trend Micro | Vision One | Detection |
| VMware | Carbon Black Cloud Enterprise EDR | Foundation |
| Watchguard | Firebox | Detection |
| Zscaler | Internet Access (ZIA) | Detection |

In the pipeline

Outlined below are integrations we have in the pipeline but for which we have no committed support dates. Please note that any integration may be influenced by changing business opportunities and client requirements. Please contact NTT for further information or if you require additional support.

| Vendor | Product |
| --- | --- |
| Nozomi | Guardian |
| Palo Alto Networks | Prisma Access |
| Heimdal Security | Endpoint Security |
| Clickstudios | Passwordstate |