product - Integration

Cognito integrates with an ecosystem of security technologies to fight cyberattacks

Prevention

Firewall

Detect compromised hosts, their IP addresses and threat certainty, and push this information to firewalls to quarantine infected devices, halt communication with command-and-control servers, and stop data exfiltration.

Get the Palo Alto Networks solution brief | Get the Juniper solution brief

Endpoint

Endpoint-security solutions complement the Cognito platform by providing rich contextual data, including machine name and operating system, about the specific devices in the network that Cognito has detected are under attack. With comprehensive endpoint context, security teams can quickly identify malicious processes on the endpoint and respond efficiently.

Check out our API tools

Active

Security orchestration

Working with security orchestration, Cognito automatically detects hidden threats and correlates them with infected host devices to enable faster enforcement actions by next-generation firewalls, EDR and NAC solutions.

Get the Demisto solution brief | Get the Splunk Phantom solution brief

Endpoint detection and response (EDR)

Augment EDR with rich contextual data from Cognito about specific endpoint devices. With comprehensive endpoint context, security teams can quickly detect and respond to malicious processes on endpoints.

Get the CrowdStrike solution brief | Watch the Cognito integration with CrowdStrike Falcon video | Get the Carbon Black solution brief

Threat intelligence

Automate threat hunting by enabling security teams to import local and industry-specific indicators of compromise (IoCs) consisting of malicious IP addresses, domains, URLs and user agents expressed in STIX files.

Check out our API tools

Clean-up

SIEM

Give SIEMs rich insights into threats that evade traditional security. With visibility into all attack phases, Cognito provides an efficient starting point for investigations and SIEM rules by mapping threats to infected hosts.

Get the Splunk solution brief | Get the ArcSight solution brief | Get the IBM QRadar solution brief

Forensics

The AI-based Cognito platform gives forensics investigators rich insights into active threats that are unseen by traditional security solutions by offering visibility into every phase of an in-progress cyberattack. Cognito also provides the most efficient and insightful starting point for investigations and rules by pre-correlating threat scores with compromised hosts.

Check out our API tools

Infrastructure

Traffic optimization

Traffic optimization augments Cognito by inspecting, analyzing and filtering unneeded traffic. Operational efficiency is improved by load balancing, dynamically tightening filters and redirecting traffic for high availability.

Get the Ixia solution brief | Get the Gigamon solution brief

Virtualized data centers

Identify critical vulnerabilities at every layer of the virtualized data center. Leveraging AI, Cognito detects hidden cyberattacks against applications, data, virtualization layers and the underlying physical infrastructure.

Learn about the Vectra Cognito and Microsoft Azure solution | Get the VMware solution brief

Open API

Automate cyberattack response and enforcement with virtually any security solution. The open-standard REST API in Cognito provides access to security event data, platform configuration and health information.

Check out our API tools