Integrations

Arcanna.AI connects with a variety of platforms used within the SOC ecosystem, such as SIEMs, SOARs, data warehouses, case management systems, threat intel, email, and notification systems, among others. The integrations are plug-and-play: they require no coding skills, only basic configuration parameters for the API connectors. Giving Arcanna access to all the relevant data ensures the quality of the decisions it goes on to make.

While they might have different purposes, all of them are configurable in the Integrations section of Arcanna.

Input integrations

Sources for the events to be investigated. The list includes:

  • OpenSearch
  • Elasticsearch
  • Google Chronicle
  • QRadar
  • Siemplify
  • Splunk
  • ThreatConnect
  • External REST API - generic connector for other sources of data that are not listed above

Output integrations

The processed events and the conclusions drawn from them are stored using an integration of this type. The list includes:

  • Elasticsearch
  • OpenSearch

Enrichment integrations

Additional information needed in the investigation process from Threat Intel sources:

  • Cisco Umbrella
  • VirusTotal
  • OpenThreatIntel

Post-decision integrations

Used for tasks that need to be performed based on the decision made upon an event. With this type of integration, you can create tickets automatically, trigger SOAR playbooks, add Arcanna's decision into the event's description, send notifications when case, etc.

  • Siemplify
  • Splunk
  • QRadar
  • Slack
  • TheHive
  • Elasticsearch
  • ThreatConnect
  • DFIR IRIS
  • Otobo

Info: For additional details on how to create and manage integrations, see the User Guide -> Adding an Integration section.

REST API

Arcanna.ai also exposes a REST API. The Swagger documentation describing all endpoints is available at http://<your-arcanna.ai-url>:9666/docs. Requests authenticate with the x-rest-api-token header, set to a token generated in Arcanna.ai's web interface (Profile menu in the top right corner -> API Keys).

Other integrations

If you require any other integrations, you can contact us at https://arcanna.ai/support.