Connect your security ecosystem to full-lifecycle incident management
D3 Connectors are turn-key integrations that primarily intake events from a source system and make them available for incident management, investigation and security operations in D3. The Connectors listed below have been developed with each partner to ease implementation and provide bi-directional data flow from technology alliances that offer factory support from both sides. The D3 Connect Hub also supports custom integrations through its compatibility with virtually any data format or protocol.
Security Information and Event Management (SIEM) Connectors
The ArcSight SIEM Connector enables an ArcSight SIEM incident response platform integration, with the added benefit of D3’s digital forensics case management system, Entities Knowledgebase and Root Cause – Corrective Action Module. The ArcSight integration also provides access to HPE’s threat intelligence solution, Threat Connect, which is used to enrich incident records in D3 with increased context, enhancing both the triage and response capabilities of analysts.
The Splunk Integration supports a streamlined and automated interaction between Splunk ES notable events and D3’s incident response and case management system, in addition to a custom “D3 Dashboard” in Splunk, which shows detailed incident counts and processing data.
IBM QRadar users have selected D3 Security because our IBM QRadar Integration enables two valuable levels of incident management: incident response and digital forensics case management. The two-way integration supports custom searches and ensures up-to-date statuses and reporting.
Threat Intelligence Connectors
HPE Threat Central
Through the ArcSight SIEM Connector, users can monitor, search, correlate and act upon data from Threat Central.
The FireEye iSIGHT Connector streamlines the enrichment of incident records with threat and contextual intelligence from iSIGHT.
Designed to enrich incident records with enhanced context, the X-Force Connector helps analysts speed incident identification and triage.
IT Service Management (ITSM) Connectors
Service Now ITSM
Managing the full lifecycle of an event requires your incident response function to interface with IT, through their ITSM. Via the ServiceNow Connector, security users can leverage incident playbooks that guide the IT team to compliant device, data and evidence handling procedures.