Technology partner hosted Google SecOps SIEM integrations

This is a list of technology partners that host an integration with Google SecOps SIEM. Each row provides specific integration details.

  • Vendor: Name of technology partner company providing the product and product's integration with Google SecOps.
  • Product: Name of the vendor's product with Google SecOps SIEM integration, along with an embedded link to information about the product and Google SecOps SIEM integration.
  • Description: A brief description of the product and its integration with Google SecOps.
  • Integration functions: Brief list of core data flow functions the integration provides.

For additional Google SecOps integrations, visit the extensive list of Google-developed SIEM integrations, known as default parsers, and the list of Google SecOps SOAR integrations.

If you are a technology provider and would like to build an integration for your product with Google SecOps, complete the Google SecOps integration partner assessment form.

| Vendor | Product | Description | Integration functions |
|---|---|---|---|
| Atlassian | Jira cloud* | This integration sends detected Google SecOps incidents to Jira for ticket management and tracking. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| Atlassian | Jira on-premises* | This integration sends detected Google SecOps incidents to Jira for ticket management and tracking. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| CardinalOps | CardinalOps detection posture management platform | This integration expands coverage with tailored detections, monitors log health, and operationalizes curated detections. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| Censys | Censys Attack Surface Management | This integration sends your externally facing asset and risk data from Censys ASM to Google SecOps for alerting, remediation, and reporting. | Sends data pre-parsed/normalized to Google SecOps UDM. |
| Chronosphere | Chronosphere Telemetry Pipeline | This integration expands coverage with tailored detections, monitors log health, and operationalizes curated detections. | Sends data pre-parsed/normalized to Google SecOps UDM and sends raw log data to Google SecOps. |
| Corrata Limited | Corrata mobile threat defense | This integration provides Google SecOps with coverage for the detected mobile endpoint threats including phishing attempts, malware detections, and network attacks. | Sends pre-parsed or normalized data to Google SecOps UDM. |
| DataBahn.ai (DataBahn LLC) | Databahn.ai Data Fabric | This integration enables DataBahn's Security Data Fabric to collect, parse, structure and enrich a wide variety of data sources into Google SecOps to deliver relevant and optimal insights. | Sends data pre-parsed/normalized to Google SecOps UDM and sends raw log data to Google SecOps. |
| Dataminr | Dataminr Pulse for Google SecOps (Sign in to Dataminr to view the page) | This integration brings Dataminr AI-powered real-time intelligence into Google SecOps, accelerating detection and response for emerging threats. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| GreyNoise | GreyNoise | This integration provides a method for importing GreyNoise IPv4 internet scanners into Google SecOps. | Sends pre-parsed or normalized data to Google SecOps UDM and sends raw log data to Google SecOps. |
| Lucidum | Lucidum | Lucidum enhances your workflow, working in harmony with Google SecOps, without requiring you to replace or overhaul your current solutions. | Sends data pre-parsed/normalized to Google SecOps UDM and sends raw log data to Google SecOps. |
| Nozomi Networks | Guardian and Central Management console | This integration monitors OT and IoT environments for risk. The integration pushes the OT and IoT asset detail, vulnerability, and alert data to Google SecOps for advanced correlations and analysis. | Sends pre-parsed or normalized data to Google SecOps UDM and sends raw log data to Google SecOps. |
| NXLog | NXLog* | This integration sends raw logs to Google SecOps where a Google SecOps default parser can then automatically normalize the data into the Google SecOps UDM. | Sends raw log data to Google SecOps. |
| observIQ, Inc. | BindPlane | This integration uses observIQ's premier observability pipeline, BindPlane, to collect, refine and ship metrics, logs, and traces to Google SecOps to realize greater insights with less data noise. | Sends data pre-parsed/normalized to Google SecOps UDM and sends raw log data to Google SecOps. |
| Palo Alto Networks | Cortex* | This integration sends logs from Cortex to Google SecOps SIEM. | Sends pre-parsed or normalized data to Google SecOps UDM. |
| Palo Alto Networks | XSOAR* | This integration ingests alerts from Google SecOps SIEM to Cortex XSOAR. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| Picus Security | Picus Security Validation Platform | This integration continuously evaluates the effectiveness of Google SecOps SIEM against simulated attacks. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| Polarity | Polarity | This integration allows automated queries of Google SecOps events, assets, and IOC details from the Polarity overlay window. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| ServiceNow | ITSM* | This integration sends Google SecOps incidents to ServiceNow ITSM to simplify incident response. Google SecOps integration also provides enrichment details and seamless detailed lookup directly from the ITSM interface. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| ServiceNow | Security Operations* | This integration sends Google SecOps security incidents to ServiceNow Security Operations to simplify incident response. When IOCs and alerts related to enterprise assets or users or malicious domains are detected, incidents are generated in Security Operations for an immediate follow-up. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| ServiceNow | Threat Intelligence* | This integration leverages the Google SecOps enrichment details and seamless threat lookup directly from the ServiceNow Security Operations interface. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| Siscale AI Inc. DBA Arcanna.ai | Arcanna.ai | This integration enables Siscale AI-driven decision intelligence to integrate with Google SecOps data for faster and more accurate responses to cyber threats. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| SnapAttack | SnapAttack | This integration involves SnapAttack, an intelligence-driven threat detection platform, that provides detection rules and hunting searches implemented in Google SecOps. | Pulls Google SecOps data into the product using Google SecOps APIs and pushes YARA-L rules into Google SecOps using Google SecOps APIs. |
| Superna | Data Security Edition | This integration maps the zero trust cyber storage fields into Google SecOps UDM where custom Google SecOps detection rules can trigger alerts and uncover IOCs. | Sends pre-parsed or normalized data to Google SecOps UDM. |
| ThreatQuotient, Inc. | Google SecOps IOC Exporter Connector | This integration enables the automatic dissemination of IOCs from ThreatQ to Google SecOps. | Sends pre-parsed or normalized data to Google SecOps UDM. |
| ThreatQuotient, Inc. | Google SecOps Detections Connector | This integration enables the automatic ingestion of Google SecOps detections into ThreatQ platform as ThreatQ events. | Pulls Google SecOps data into the product using Google SecOps APIs. |
| Tines | Tines | This integration involves Tines workflow automation for frontline teams and Google SecOps to provide rich event and entity data, enhanced analysis, and deeper insights. | Pulls Google SecOps data into the product using Google SecOps APIs and updates the reference list. |
| Upstream Security | Upstream Security | This integration monitors connected vehicles and IoT devices for security events and other threats. The integration pushes alerts and events to Google SecOps for advanced correlation, analysis and response. | Sends raw log data to Google SecOps. |
| ZeroFox | ZeroFox (Sign in to ZeroFox to view the page) | This integration sends the Google SecOps phishing, fraud, botnet, credential, data breach, physical, and other threat data to protect brands, domains, people, and assets. | Sends pre-parsed or normalized data to Google SecOps UDM. |

* indicates that Google manages the integration hosted on the vendor's site.