Integration List
List of built-in Salem third-party integrations
Microsoft Sentinel
Salem investigates alerts created in Sentinel, leverages Sentinel (Azure Log Analytics) search for alert enrichment, and can log Salem alert analysis back into a custom log in Sentinel.
Microsoft Defender
Salem investigates alerts created in Defender, leverages Defender (Advanced Hunt Query) search for alert enrichment, supports Defender case management update operations, and can trigger Defender response actions such as host isolation.
Splunk
Salem investigates alerts created in Splunk, leverages Splunk search for alert enrichment, and can log Salem alert analysis back into a custom index in Splunk.
CrowdStrike
Salem can collect and investigate alerts from CrowdStrike.
Microsoft Graph API
Salem leverages Graph API to enrich alerts with user, application, security and other data available in the Graph API.
VirusTotal
Salem leverages VirusTotal to enrich IOCs found in Salem alerts.
Silent Push
Salem leverages Silent Push to enrich IOCs found in Salem alerts. Silent Push contains a host of unique domain and IP analysis data that Salem can leverage to understand alert activity.
Alien Labs OTX
Salem leverages OTX to enrich IOCs found in Salem alerts.
Azure Event Hub
Salem can send alert analysis events to Azure Event Hub, where consumers can read and process data for external automation and reporting.