SOC.OS Cyber Security Acquired by Sophos - Learn More

Don’t see your security tool? We’re constantly integrating with new security solutions. If you don’t find your security tool on the list, don’t worry: as long as it produces alerts in a machine-readable format, we’ll be able to integrate with it. If you think something is missing from SOC.OS’ tools list, let us know and we’ll look into integrating!

AWS GuardDuty

Amazon GuardDuty offers continuous monitoring of your AWS accounts and workloads to protect against malicious or unauthorized activities.

Fortinet FortiAnalyzer

Fortinet FortiAnalyzer is an integrated security architecture with analytics and automation capabilities that can address and dramatically improve visibility and automation.


Complete Security Portfolio: SonicWall delivers one of the most comprehensive selections of SME security products on the market.

Azure Defender for Servers

Safeguard Windows servers and clients with Microsoft Defender for Endpoint (servers) and protect Linux servers with behavioural analytics.

Azure Active Directory Identity Protection

Identity Protection is a tool that allows organizations to automate the detection and remediation of identity-based risks and export risk detection data to third-party utilities for further analysis.

Microsoft Cloud App Security

Microsoft Cloud App Security is a comprehensive cross-SaaS solution bringing deep visibility, strong data controls, and enhanced threat protection to your cloud apps.

Office 365 Cloud App Security

Office 365 Cloud App Security includes threat detection based on user activity logs, discovery of Shadow IT for apps, control of app permissions to Office 365, and application of access and session controls.

Azure Information Protection

Azure Information Protection (AIP) is a cloud-based solution that enables organizations to classify and protect documents and emails by applying labels.

Azure Sentinel

Azure Sentinel provides intelligent security analytics across your enterprise. The data for this analysis is stored in an Azure Monitor Log Analytics workspace.


Mimecast cloud cybersecurity services for email, data, and web provide your organization with the archiving and continuity needed to prevent compromise.

Palo Alto / PAN-OS®

PAN-OS® is the software that runs all Palo Alto Networks® next-generation firewalls.

Sophos Firewall

XG Firewall provides an elegant and effective web-based management console that offers quick access to all the features you need.

Fortinet FortiGate

FortiGate NGFWs enable security-driven networking and consolidate industry-leading security capabilities.

Cisco Firepower

This is your administrative nerve center for managing critical Cisco network security solutions. It provides complete and unified management over firewalls.


Malwarebytes protects you against malware, ransomware, malicious websites, and other advanced online threats that have made traditional antivirus obsolete.


Sophos Endpoint is an endpoint protection product that combines antimalware, web and application control, device control and much more.

Trend Micro

Trend Micro Deep Discovery is an advanced threat protection platform that enables you to detect, analyze, and respond to today’s stealthy, targeted attacks.

Microsoft Defender for Identity

Microsoft Defender for Identity helps protect your organization’s identities from multiple types of advanced targeted cyberattacks.


A comprehensive Security Information and Events Management (SIEM) solution that enables organisations to log all their IT infrastructure events to a single platform.

Thinkst Canary

Most companies discover they’ve been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup, no ongoing overhead, nearly 0 false positives, and you can detect attackers long before they dig in.


Proofpoint provides software as a service and products for inbound email security, outbound data loss prevention, social media, mobile devices, digital risk, email encryption, electronic discovery, and email archiving.


Cloud-native, Darktrace offers coverage of your entire enterprise, from workforce devices and IoT, to SaaS and email.


Forcepoint offers user and data protection cybersecurity, safeguarding organizations while driving digital transformation and growth.


McAfee integrates native controls with machine-learning technology, providing protection for hybrid environments.


Auth0 is an authentication and authorization management platform available for the web, IoT, mobile devices and legacy apps.

Azure Advanced Threat Protection

Azure Advanced Threat Protection (ATP) solution is used to detect advanced attacks in hybrid environments.

Cisco Meraki

Cisco Meraki offers tools allowing administrators to maximize the security of their network deployments, providing optimal protection, visibility, and control over your Cisco Meraki network.

Azure Security Center

Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, providing advanced threat protection across hybrid workloads.

Microsoft Office 365 Security & Compliance

Provides a centralised portal for controlling governance and mitigating threats within Office 365.

Blackberry Cylance

Blackberry Cylance provides endpoint detection and response, providing visibility, root cause analysis, scalable threat hunting, and automated threat detection and response.

Check Point

Check Point offers a multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention, which defends information held in enterprises’ cloud, network and mobile devices.



ManageEngine AD Audit Plus is an auditing tool that allows the user to track file permission changes, monitor logons and monitor Windows Server security-related activities.

Microsoft Advanced Threat Analytics (ATA)

Microsoft ATA captures and parses network traffic of multiple protocols. It also gathers information from multiple data sources to learn the users’ behaviour and to automatically create their behavioural profile.


Netwrix provides change management software to help companies with security and compliance auditing.


SentinelOne is a cloud-based solution providing endpoint security. Key features include behavioural analytics, activity log, whitelisting/blacklisting and document management.


For more information about SOC.OS, contact