NextGen SOAR Integration

Integrating the Zscaler Platform with D3 NextGen SOAR enables rapid orchestration of firewall actions to protect users, endpoints, and data, no matter where they are. With D3, threat intelligence and uncovered IOCs can be turned into Zscaler updates via automated playbooks, with no screen-switching or manual data entry required.

Zscaler Integration

Integration Features

Orchestrate Zscaler operations from D3 playbooks, including updating Allowlists and Denylists
Retrieve sandbox reports from Zscaler to identify malicious files
Automate bulk updates, such as blacklisting all URLs from a threat intelligence report
Assign URLs to Zscaler categories from D3

Key Use Case

#1: Phishing Response Orchestration

When a potential phishing email is detected, D3 strips out all of the elements for analysis, including the URL of any links in the email. The elements are checked against threat intelligence and historical incident data and given a risk score. If any URLs are found to be malicious, D3 can blacklist them in Zscaler, directly from the automated playbook. The playbook will also orchestrate any other necessary tasks across the security infrastructure, such as blocking the sender’s domain, deleting the email from inboxes, and scanning for any other affected endpoints.

Zscaler Integration

#2: Bulk Firewall Updates

Updating firewall Allowlists and Denylists to respond to new threat intelligence or internal policies can be a time-consuming process. When done manually, Allowlists and Denylists usually need to be updated one-by-one. When a Zscaler user needs to make bulk updates to their firewall rules, they can run an automated playbook in D3 to make all of the updates at once, including assigning URLs to categories within Zscaler.

Zscaler Integration

Meet Our Friends

Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.

X Zscaler Integration

Get Started with D3 Security

One platform to stop alert overwhelm. Transform how your security team works, by focusing its resources on real threats.