The Polarity - AbuseIPDB Integration supports the enrichment of IP addresses in ipv4 and ipv6 format.
Learn moreThe Polarity-AlienvaultOTX integration will return results from different Pulses that the security community is adding to AlienvaultOTX. The integration will return known pulse information on hash, IPs, and domains, allowing analysts to see potential indicators of compromise and malware-related information.
Learn moreThe Polarity <> Analyst1 integration allows Polarity to get quick identification of Indicators and CVEs associated to Actors, Malware, and MITRE ATT&CK from the Analyst1 platform. Analyst1 maintains a comprehensive threat intelligence archive from free, paid, and internal sources powered by NLP automation and analyst curation. Analyst1 provides total data provenance in control by the customer, greatly increasing the simplicity of access and depth of data available for Polarity’s augmented views to end users.
Learn moreAnomali STAXX gives you an easy way to access any STIX/TAXII feed. The STAXX Portal equips users with tools for researching Indicators of Compromise (IOCs).
Learn moreThe Polarity - Anomali Threatstream integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with Anomali Threatstream, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to Anomali, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - Anomali Threatstream - provides context around indicators in Threatstream. Polarity Anomali Threatstream IOC Submission - enables analysts to bulk submit IOCs to Threatstream.
Learn morePolarity's APIVoid integration retrieves reputation information from various APIVoid endpoints.
Learn moreThe Polarity- Arin integration automatically enriches IP addresses based on ARIN's vast internet registry, enabling analysts to see the ownership and network information related to an IP address.
Learn moreThe Polarity Axonius integration allows Polarity to search the Axonius API to return event information on internal users and assets. The integration supports device lookups by preferred IP address, domain and a custom hostname type. In addition, user lookups are supported via e-mail address. Enabling analysts to quickly identify any assets on their network.
Learn moreThe Polarity Azure ADFS Error Codes enables analysts to have information on what the error code is and how to resolve the error.
Learn moreOn-Demand integration which decodes Base64 and URL Encoded strings
Learn moreThe Polarity BinaryEdgeintegration allows for enrichment of IP's, Domains and E-mail addresses. Free accounts are limited to 250 queries per month. If you are using a free, account we highly recommend running this integration as On-Demand Only. Register for a free account at the URL below: [https://app.binaryedge.io/sign-up](https://app.binaryedge.io/sign-up "https://app.binaryedge.io/sign-up")
Learn moreThe Polarity - Bitsight integration provides company insights from BitSight when searching on domains. Allowing the analysts to quickly understand the security profile of a company to better assess that companies risk when working with them.
Learn moreCarbon Black Response is a highly scalable, real-time EDR with unparalleled visibility for top security operations centers and incident response teams.
Learn moreThe Polarity Censys integration allows the Polarity user to quickly perform research against the three Censys maintained datasets collected via daily ZMap scans of the Internet and by synchronizing with public certificate transparency logs.
Learn moreThe Polarity ChatGPT integration leverages the OpenAI ChatGPT REST API to answer your questions. The integration will respond to any search terms that end in a question mark. Enabling analysts to harness the power of ChatGPT right from the Polarity overlay window.
Learn moreSecurity Operations Incident Response Threat Hunting Pen Testing Network Engineering SIEM
Polarity's Chronicle Backstory integration allows automated queries to the Events, Assets, and IOC Details endpoints in Chronicle Backstory's API from the Polarity overlay window.
Learn moreCISA-Vuln Integration Overview <br>The Polarity - DHS CISA Known Exploited Vulnerabilities Integration returns information on vulnerabilities (CVEs) that have been identified by CISA
Learn moreThe Polarity Cisco Threat Response integration allows Polarity to search the Threat Response Enrich API to return information about various indicator types.
Learn moreThe Polarity-Cisco Umbrella (formerly known as OpenDNS) provides immediate awareness on domains. Enabling an analyst to quickly know if a domain is malicious benign or uncategorized, also categorizing the domain into content and security categories.
Learn moreThe Polarity Cofense Intelligence™ integration allows Polarity to quickly identify malicious file hashes contained within the Cofense Intelligence™ platform.
Learn moreThe Polarity-Confluence integration benefits analysts by facilitating access to up-to-date information for any Space, Attachment, Page, or Blog associated with the connected Confluence account. Results are returned for any email address, domain name or IPv4/6 address mentioned in Confluence description.
Learn morePolarity's Cortex XSOAR integration allows automated queries against Cortex XSOAR's incident database, creates incidents from entities, and allows a user to execute predefined playbooks from Polarity.
Learn moreThe Polarity Cortex XSOAR IOC Submission integration allows Polarity to search your instance of Cortex XSOAR to return found domains, IPs, hashes, and emails. The integration also allows you to Create and Delete Indicators and Incidents (IOCs) in bulk from Cortex XSOAR.
Learn moreCRITs is an open source malware and threat repository that leverages other open source software to create a unified tool for analysts and security experts engaged in threat defense.
Learn moreThe Polarity CRXcavator integration is an on-demand integration which provides risk information about third-party Chrome extensions based on the extension ID. The extension ID is a 32 character string made up of alphabetical letters. The integration will return risk information for the most recent version of the extension as well as information for the version of the extension with the maximum risk, and information for the version of the extension with the minimum risk. Finally, a risk history table is displayed which lets an analyst view the change in risk over time for the integration.
Learn moreCVE Search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs.
Learn moreThe Polarity - Cyber Risk Analytics integration searches Cyber Risk Analytics for known breaches related to domains and emails on your screen.
Learn moreCyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. The Polarity CyberChef Integration allows you to leverage much of CyberChefs functionality by searching for any string on demand and enables you build out recipes based on the data you search. Try the CyberChef integration (and over 40 other open source integrations) for free with Polarity [Community Edition](https://polarity.io/ce/).
Learn moreThe Polarity CyberReason integration allows Polarity to search CyberReason's API to return threat information on IP's, Domains and File Hashes.
Learn moreThe CyberSponse CyOPs platform is a holistic and enterprise built security orchestration and security automation workbench that empowers security operation teams.
Learn moreThe Polarity DarkOwl integration allows you to query various indicator types against DarkOwl Vision’s DARKINT data collection.
Learn morePolarity's Devo integration allows a user to connect and search a Devo instance.
Learn moreThe Polarity-Dig integration allows an analyst to quickly run the dig command on their Polarity server, enabling analysts to quickly see associated domains, IPs, and headers.
Learn moreDigital Risk Protection Software is designed to protect you from external threats, continually identifying where your assets are exposed, providing sufficient context to understand the risk, and options for remediation. The Polarity Digital Shadows integration allows the Polarity user to quickly perform research against the Digital Shadow's search features.
Learn moreDiscoverOrg contains the most accurate and robust sales and marketing intelligence available in the market. Polarity brings that information to you in near real time.
Learn moreIris is a proprietary threat intelligence and investigation platform that combines enterprise-grade domain intelligence and risk scoring with industry-leading passive DNS data from Farsight Security and other top-tier providers. An intuitive web interface and API atop these data sources help security teams quickly and efficiently investigate potential cybercrime and cyberespionage. The Polarity DomainTools Iris integration allows Polarity to search Iris for risk information on Domains and Link back out to IRIS if there is associated information less than the count that you set below. More information on Iris: [https://www.domaintools.com/products/iris](https://www.domaintools.com/products/iris "https://www.domaintools.com/products/iris")
Learn morehe Dragos Platform is a cybersecurity software that identifies ICS network assets, malicious activity, and provides guidance to investigate incidents The Dragos Polarity Integration searches the Dragos WorldView API for incidents related to malicious IPs, Hostnames, Domains, SHA1, SHA256, and MD5 hashes, as well as by tags in the Dragos platform.
Learn moreThe Polarity - Dynatrace integration enables analysts to quickly get an understanding of the servers in their environment. Being able to quickly search logs in Dynatrace and information about the server matching the IP or domain.
Learn moreThe Polarity-Elasticsearch integration allows analysts to get real-time insights into any data contained within indexes in Elasticsearch, enabling analysts to work faster and more efficiently.
Learn moreThe Polarity - EmailRep integration returns reputation and history information about an email, allowing analysts to quickly understand if an email is something that is suspicious based on the EmailRep information.
Learn moreSecurity Operations Malware Analysis Incident Response Network and Infrastructure
Occasionally our users come across UNIX Epoch time, the representation of time as the number of seconds elapsed since January 1st, 1970. Polarity automatically converts Epoch time to a readable time.
Learn moreThe Polarity Exploit finder uses the Google search API to search for publicly available exploits from the following websites. * Exploit-db.com * Github.com * PacketStormSecurity.com * 0day.today * Vulnerability-Lab.com * CXSecurity.com * SecurityFocus.com * Rapid7.com * SecuriTeam.com * exploit.kitploit.com
Learn moreFarsight Security’s DNSDB™ is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure.
Learn moreThe FIR (Fast Incident Response) integration searches the FIR cybersecurity incident management platform for artifacts contained within cybersecurity incidents.
Learn moreThe Polarity FireEye Detection on Demand (DoD) integration allows Polarity to quickly identify malicious files contained within the FireEye platform. The FireEye DoD service only supports looking up MD5 hashes.
Learn moreThe Polarity - Flashpoint integration queries the indicators, reports, and forums endpoints in Flashpoint for IPs, domains, CVEs, and file hashes. These capabilities enable analysts to have a complete threat picture of indicators Flashpoint has information on, even enabling the analyst to quickly pivot to Flashpoint for further analysis.
Learn moreOn-demand integration which converts selected text to a user-chosen font for accessibility purposes.
Learn moreThe Polarity Fortress integration allows for SHA-256 entity types to be enriched against the Fortress File Integrity Assurance (FIA) API.
Learn moreFullContact’s enrichment APIs let you transform partial identities into complete profiles to connect with prospects, capture audience insights, and enhance customer experiences.
Learn moreThe Polarity - Gigamon integration searches Gigamon for detection information as well as any associated DHCP, PDNS or Summary information.
Learn moreThe Polarity - Github integration uses the Google search API to search for publicly available information on github from indicators to code.
Learn morePolarity's Google Compute Engine integration gives users the ability to lookup IP addresses and hostnames for VM instances in your Google Compute Engine infrastructure. The integration supports both internal and external IP lookups, and internal and custom hostnames. Internal hostnames must end in `.internal` and custom hostnames must end in a public suffix to be recognized.
Learn moreThe Polarity Google Search Custom Search (CSE) allows the analyst to retrieve and display search results from Google Custom Search programmatically.
Learn morePolarity's Google Drive integration gives users the ability to search files stored in a specified Google drive folder. This integration leverages the v3 drive API.
Learn moreThe Polarity - Google Maps integration enables analysts to geo-locate and pull back a map from google based on a lat-long or an address.
Learn moreThe Polarity Google Search integration allows the analyst to retrieve and display search results from Google, just like you were to search for terms using google.com.
Learn moreThe Polarity - Google Translate integration enables analysts to quickly translate any foreign text to English with Polarity’s On-Demand mode. Allowing analysts to have a better understanding of what is being discussed in forums etc.
Learn moreThe Polarity - GreyNoise integration searches IPs in GreyNoise for internet scan and attack activity related to indicators on your screen. The scan and attack activity is then displayed via the Polarity Overlay Window, and we support the GreyNoise Community API out of the box if you do not already have an Enterpise API Key.
Learn moreThe Polarity H-ISAC TAXII Feeds Integration retrieves Collections and Indicator Object data for Domains, URLs, Emails, IPs, and Hashes using H-ISAC's implementation of STIX 2.0 and TAXII 2.0.
Learn moreHackerOne is a hacker-powered security platform that provides unmatched cybersecurity speed, depth and breadth of coverage at a greater value. Polarity's HackerOne integration allows automated queries against HackerOne's API for all of your programs information relating to Scopes, Valued Vulnerabilities, Weaknesses, and Reports.
Learn moreCheck if you have an account that has been compromised in a data breach.
Learn moreThe Polarity host.io integration allows for domain entity types to be enriched against the host.io API enabling analysts to have instant context on a domains IP, backlinks, social sites and more. This is an on-demand only integration.
Learn moreThe Polarity-HYAS integration effectively provides “HYAS Insight anywhere” by searching HYAS Insight for IPs, domains, emails, and hashes.
Learn moreHybrid Analysis is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology.
Learn moreIBM® QRadar® SIEM detects anomalies, uncovers advanced threats and removes false positives.
Learn moreThe Polarity - IBM Resilient integration searches the Resilient Incident Response Platform for incidents related to indicators on your screen. The integration can search across artifacts, incidents, tasks, and notes. Incident and tasks searches are full-text searches against all fields. Artifact searches are exact match searches against the artifact's value. Note searches are full-text searches against the content of the note. If a result is found, the integration will display information about the related incident. Incidents are deduplicated so that an incident is only shown a single time even if it has multiple matches. This allows analysts to quickly see when there are related tickets, enabling them to triage and close tickets faster and more efficiently.
Learn moreIBM X-Force Exchange is a cloud-based threat intelligence sharing platform enabling users to rapidly research the latest security threats, aggregate actionable intelligence and collaborate with peers.
Learn moreiDefense Security Intelligence Services provides security intelligence through the next generation IntelGraph platform that provides context, visualizations, searching, alerting and a robust RESTful API.
Learn moreThe Polarity Intel 471 integration allows Polarity to search the Intel 471 API to return information about various indicator types.
Learn moreThe IntSights ETP Suite monitors thousands of sources across the clear, deep, and dark web to identify threats that directly target your unique digital footprint. IntSights Threat Command finds and mitigates external threats that directly target your organization, employees, and customers.
Learn moreThe ipinfo core API product returns geolocation, ASN, and hostname information for an IP address.
Learn moreThe Polarity - IronNet Collective Defense integration provides analysts a way to quickly triage information from the IronNet Collective Defense Portal enabling them to detect threats, exchange insights and stop attacks faster. Analysts can quickly leverage the alert, event an indicator data within IronNets Collective Defense portal.
Learn moreThe Polarity LinkedIn integration uses the Google search API to search for emails, handles names and indicators on LinkedIn.
Learn moreThe Local-Calling Guide contains local calling, area code, and prefix information for Canada, the United States of America, and other countries that are part of the North American Numbering Plan.
Learn moreSecurity Operations Incident Response Threat Hunting Pen Testing Threat Intelligence Open Source
Returns information on the 1 million domains with the most referring subdomains.
Learn moreThe Polarity Malware Bazaar integration allows Polarity to quickly malicious file hashes contained within the Malware Bazaar platform.
Learn moreThe Polarity-Mandiant Threat Intelligence Integration allows analysts to have instant data awareness and recall on any intelligence from Mandiant dataset.
Learn moreSecurity Operations Threat Hunting Incident Response Pen Testing Threat Intelligence Open Source
The Polarity - Maxmind integration replicates the Geolocation database from Maxmind to enable analysts to have complete geo-location information for IP addresses, enabling analysts to quickly have an understanding of where an IP is located.
Learn moreThe Polarity - Merriam Webster integration queries Merriam Webster to return dictionary information about words contained in an on-demand search.
Learn morePolarity's MeaDefender integration gives users access to potentially malicious file hash lookups against the MetaDefender OPSWAT REST API. MetaDefender is a cyber security platform for preventing and detecting cyber security threats on multiple data channels.
Learn moreThe Polarity Microsoft 365 Defender Integration allows you to search for Emails assigned to Alerts and Incidents, along with the ability to run Advanced Threat Hunting Kusto Queries on all entity types from Microsoft 365 Defender. Enabling analysts to quickly search their Defender instance for breach and alert information.
Learn moreThe Polarity - Microsoft Sentinel integration enables analysts to quickly query indicators within Sentinel, allowing analysts to quickly make decisions. The Sentinel integration queries the threat intelligence and geo location information in Sentinel as well as enables analysts to add a Kusto Query, to query Sentinel logs.
Learn moreThe Polarity - MISP integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with MISP, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to MISP, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - MISP - provides context around indicators in MISP. Polarity -MISP IOC Submission - enables analysts to bulk submit IOCs to MISP.
Learn moreThe Polarity MISP integration allows Polarity to search your instance of MISP to return found domains, IPs, hashes, and emails. The integration also allows you to Create and Delete attributes (IOCs) in bulk from MISP. > **_NOTE_**: Attribute creation will create a new event containing all Attributes submitted.
Learn moreThe Polarity MISP Warning Lists integration searches MISP hash, domain and IPv4 based warning lists and returns related list information.
Learn morePolarity's MongoDB integration can search your MongoDB instance using a user provided search and return results via the Polarity Overlay Window or HUD. The integration supports updating `string` fields in the document. In addition, the integration has the ability to add new fields to a document.
Learn moreThe Polarity - MXToolbox integration enables analysts to quickly search across MXToolboxes mx, blacklist, http and https data sources. Allowing them to have quick insights into the DNS records and history.
Learn morePolarity's MySQL/MariaDB integration allows automated lookups to a MySQL or MariaDB database using a user defined query. The integration only supports running a single query. As a result, it is recommended to pick a single entity type using the "Manage Integration Data" option on the integrations page. This integration uses the excellent [node-mariadb](https://www.npmjs.com/package/mariadb). While this integration will work out of the box, it primarily intended to provide a well-defined template for constructing your own custom MySQL/MariaDB based integrations. > Please note that this integration is designed to work with a single database user account. As a result you should make sure the database connection options (host, port, name, user, and password) are locked (i.e., all users share the same settings)
Learn moreThe Polarity Nexpose Insight IDR Integration allows you to easily Query Emails, IP Addresses, Domains, and URLs in both Investigations, and Query Logs. You can also add Indicators to Threats, Close Investigations, and Assign Users to Investigations.
Learn moreOkta is a customizable, secure, and drop-in solution to add authentication and authorization services to your applications. The Polarity Okta integration allows you to search for Okta users by email address.
Learn morePolarity's OpenCTI integration queries various indicator types against the OpenCTI GraphQL API.
Learn moreThe Polarity OSINT Pivot integration allows an analyst to run an on-demand query against various indicator types to return a list of recommended OSINT resources to quickly pivot to.
Learn moreAutoFocus™ is a contextual threat intelligence service that accelerates analysis, correlation, and prevention workflows.
Learn moreReturns Passivetotal whois intelligence for domains and emails.
Learn moreThe Polarity - Phantom integration enables an analyst to have an immediate understanding of indicators in their Phantom artifacts and containers, while also providing a complete history of the playbooks and actions taken against the indicator, as well as enabling the analysts to run a playbook based on an indicator that either is not contained within an artifact or container or exists currently.
Learn morePhishStats is known for fighting phishing and cybercrime since 2014 by gathering, enhancing and sharing phishing information with the infosec community. The PhishStats integration searches the PhishStats API for Domains, URLs, IPs, and SHA256 Hashes for phishing related activity.
Learn moreThe Polarity-Pipl integration allows the Polarity user to quickly perform research against persons of interest via email address and telephone number recognition.
Learn morePostgreSQL is a powerful, open source object-relational database system.
Learn moreDecode URLs which have been rewritten by TAP to their original, target URL. For more information about the Proofpoint URL Decoder API please see [https://help.proofpoint.com/Threat_Insight_Dashboard/API_Documentation/URL_Decoder_API](https://help.proofpoint.com/Threat_Insight_Dashboard/API_Documentation/URL_Decoder_API "https://help.proofpoint.com/Threat_Insight_Dashboard/API_Documentation/URL_Decoder_API")
Learn moreThe Polarity - Pulsedive integration provides analysts real time community driven threat intelligence on ips and domains. Allowing analysts to have the vast risk knowledge that Pulsedive can provide in any workflow they are using.
Learn moreThe Polarity Qualys Integration queries the Qualys Cloud Platform's Host Detection List and KnowledgeBase for IP Addresses, Domains, CVEs and QIDs.
Learn moreRapid7 AttackerKB provides a forum for the security community to share insights and views that might otherwise get lost in all the hype and chaos, or dismissed as merely anecdotal. The Polarity AttackerKB integration allows for CVEs on the analyst screen to be queried against the "Topic" API.
Learn moreRapid7 Nexpose looks up IPs for related vulnerabilities that Nexpose has identified
Learn moreThe Polarity - Recorded Future searches the Recorded Future API for threat information on associated indicators. Allowing analysts to have the power of Recorded Future's vast threat intelligence no matter what application they are looking at, enabling better data awareness and recall.
Learn moreRedis is an open source, in-memory data structure store, used as a database, cache and message broker. This integration provides a template for connecting to Redis to return data from user-defined queries.
Learn moreOpen-source project management application. There is also the Redmine Issue Creator integration, which allows for users to create a ticket in Redmine.
Learn moreThe Polarity Regex Cheat Sheet integration looks up regex characters to let users know what those characters for and notes about them. This is an On-Demand only integration.
Learn moreReversingLabs delivers industry-leading threat detection and analysis solutions that address the latest generation of cyber attacks.
Learn moreSecurity Operations Incident Response Malware Analysis Network and Infrastructure
The A1000 Malware Analysis Platform supports advanced hunting and investigations through the TitaniumCore high-speed automated static analysis engine.
Learn moreThe Polarity RIPE Database Search integration allows Polarity to query IP addresses against the WHOIS REST API published by the RIPE-NCC.
Learn moreThe Polarity RIPEstat integration allows Polarity to return all announced prefixes for a given ASN via the RIPEstat Data API.
Learn morePolarity - RiskIQ integration allows Polarity to search RiskIQ Security Intelligence Services (SIS API) to return threat information on IP's, Domains and URL's.
Learn moreThe Polarity Archer integration allows freeform text searching for IPs, Hashes, domains as well as tracking IDs for core applications such as Devices, Applications, Risk Registry, Security Incidents and Findings in your Archer instance.
Learn moreFind customers, close deals faster, and grow accounts with Salesforce, the world’s #1 Customer Relationship Management (CRM) platform.
Learn moreThe Polarity Sandbox integrations uses the Google search API to search malware on different internet hosted sandboxes, to provide more information on the malware hashes.
Learn moreThe Polarity Security blogs integration uses the Google search API to search for infromation on info-sec blogs. Below is a list of blogs that are searched: * akami * bleepingcomputer * crowdstrike * csoonline * darkreading * danielmiessler * gbhackers * fireeye * grahamcluley * infosecurity-magazine * itsecurityguru * krebsonsecurity * lastwatchdog * microsoft * norfolkinfosec * recordedfuture * scmagazine * securityaffairs * securityweekly * silobreaker * sophos * talosintelligence * taosecurity * thehackernews * theregister * threatpost * trendmicro * tripwire * troyhunt * paloaltonetworks * zdnet
Learn moreThe Polarity Securonix integration allows Polarity to search Securonix API to return User Violation information on Emails, Domains and IP's.
Learn moreThe Polarity - SentinelOne integration enables analysts to get their most of their SentinelOne EDR platform. By quickly searching indicators for the different endpoints they relate to and potential threats analysts can have a complete understanding of their endpoints and how vulnerable they are. Analysts will also have the ability to edit policies, add or disconnect endpoints from their network if they are vulnerable and add threats to blocklists.
Learn moreThe Polarity - ServiceNow SIR integration enables analysts to have a complete view of indicators and incident response issues, enabling analysts to quickly triage information and make a quick decision.
Learn morePolarity's ServiceNow Security Incident Response (SIR) Integration allows the lookup of ServiceNow security incidents (e.g. SIR00000012), and Observables including IP addresses, CVE's, web domains, file hashes and e-mail addresses against your instance of ServiceNow.
Learn moreThe Polarity Sharepoint integration allows freeform text searching for IPs, hashes, and domains in your Sharepoint instance and retrieves related documents.
Learn moreThe Polarity - Shodan integration provides immediate awareness to Shodan’s vast Internet of Things search engine. Enabling analysts to quickly triage the location, associated domains and headers for an IP.
Learn moreThe Polarity - Shodan InternetDB integration enables analysts to get a quick view of what ports, CPEs, and Shodan tags are associated with an IP address. Enabling analysts to move quickly when triaging lots of different indicators.
Learn moreThe Polarity Slack Integration allows you to send messages to Slack channels directly from the Polarity Overlay Window, and search entities in Slack channel messages for all entity types. Install this integration to enable analysts to quickly understand if an indicator has been discussed by your team and to send messages about an indicator to other members in a Slack channel.
Learn moreThe Polarity SlashNext integration allows Polarity users to leverage SlashNext's On-demand Threat Intelligence (OTI) for the analysis of suspicious IPv4 addresses and domains.
Learn moreIdentifies Snort Signatures and allows for quick pivot to rule documentation
Learn moreThe Polarity Sophos integration allows Polarity to search Sophos to return found domains, urls, IPs, and SHA256 hashes. The integration also allows you to Isolated found endpoints, and add SHA256 hashes to your Block and Allow Lists.
Learn moreThe Polarity - Splunk integration enables you to quickly search any index in your Splunk Enterprise or Splunk Cloud instances. Enabling you to have complete awareness of any indicators that matter to you and your teams.
Learn moreThe Polarity Spur integration allows for IP entity types to be enriched against the Spur Context API.
Learn moreMicrosoft SQL Server is a relational database management system. This integration provides a template for connecting to SQL Server to return data from user-defined queries.
Learn moreThe Polarity Stackoverflow integration uses the Google search API to search to search for code examples on stackoverflow. * Stackoverflow * Stackexchange * Serverfault * Superuser
Learn moreSumo Logic, Inc. is a cloud-based machine data analytics company focusing on security, operations and BI use cases. It provides log management and analytics services that leverage machine-generated big data to deliver real-time IT insights. This integration will run the provided search query and return the first 10 results.
Learn moreSwimlane automates manual processes and operational workflows by delivering powerful, consolidated analytics, real-time dashboards, and reporting from across your security infrastructure.
Learn moreThe Polarity tenable.sc (formerly Security Center) integration allows Polarity to search the tenable.sc API to return information about various indicator types.
Learn moreThe Polarity - Tenable IO integration searches IPs and domains against Tenable IOs cloud vulnerability system. Enabling analysts to quickly know if anything in their environment has any vulnerabilities associated with it.
Learn moreThe Polarity - TheHive integration allows Polarity to search TheHive's Search API to return threat information on IP's, Domains and URL's.
Learn moreSecurity Operations Incident Response Threat Hunting Threat Intelligence Security and Incident Response
The Polarity - ThreatConnect integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with ThreatConnect, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to ThreatConnect, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - ThreatConnect - provides context around indicators in ThreatConnect and enables users to link out to Playbooks and run from the ThreatConnect Ui. Polarity -ThreatConnect IOC Submission - enables analysts to bulk submit IOCs to Threatstream.
Learn moreThe Polarity ThreatConnect integration allows Polarity to search your instance of ThreatConnect to return found domains, IPs, hashes, and emails. The integration also allows you to Create and Delete Indicators (IOCs) in bulk from ThreatConnect.
Learn moreThe Polarity - ThreatMiner integration searches ThreatMiner for whois information on domains and IPs as well as sample information related to file hashes. IMPORTANT NOTE: Please note that the ThreatMiner API rate limit is set to 10 queries per minute.
Learn moreSecurity Operations Incident Response Threat Hunting Threat Intelligence Security and Incident Response
The Polarity - ThreatQuotient integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with ThreatQuotient, one that enables a user to see the threat information on indicators and one to bulk submit indicators to ThreatQuotient, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - ThreatQuotient - provides context around indicators in ThreatQuotient. Polarity -ThreatQuotient IOC Submission - enables analysts to bulk submit IOCs to Threatstream.
Learn moreThe Polarity ThreatQuotient integration allows Polarity to search your instance of ThreatQuotient to return found domains, IPs, hashes, and emails. The integration also allows you to Create and Delete Indicators (IOCs) in bulk from ThreatQuotient.
Learn moreThe Polarity ThreatStream IOC Submission integration gives users allows users to submit indicators of compromise to Anomali's ThreatStream platform.
Learn moreThe Polarity TrapX integration allows Polarity to search the TrapX DeceptionGrid API to return event information on IP addresses.
Learn moreSecurity Operations Incident Response Threat Hunting Threat Intelligence Security and Incident Response
The Polarity TruSTAR integration allows Polarity to search the TruSTAR API to return information about various indicator types.
Learn moreThe Polarity Twitter integration uses the Google search API to search for twitter for related tweets around your search parameters.
Learn moreThe Polarity Unshorten.me integration allows Polarity to Un-Shorten URLs created by URL shortening services.
Learn moreUPS Developer APIs allow users to display the status and location of packages from UPS.
Learn moreThe Polarity URL Pivot integration allows an analyst to run an on-demand query against an IP, hash, domain or email to return a list of queries that they can then execute in their SIEM or any other URL users want to search.
Learn moreThe Polarity - URLhaus integration searches Abuse.ch’s URLhaus datasource of malware urls. Enabling an analyst to quickly have an understanding of what the community has submitted to URLhaus to determine if there is associated malware.
Learn moreThe Polarity-Urlscan integration will return results from the most recent relevant scan performed by the Urlscan service. After searching for the scan, additional scan details are returned by retrieving the overall verdict information to include whether the indicator is malicious, the overall score, tags, categories and brands. Try the Urlscan integration (and over 40 other open source integrations) for free with Polarity [Community Edition](https://polarity.io/ce/).
Learn moreThe Polarity USCert integration uses the Google search API to search for indicators all throughout USCerts website.
Learn moreThe Polarity-VirusTotal integration provides instant awareness on hashes from VirusTotals vast database on malicious indicators. Enabling analysts to triage file hashes and IPs to see if there are any known viruses, trojans etc that have been associated with them.
Learn moreThe Polarity - VulDB integration provides immediate awareness of vulnerability information related to CVE’s and Microsoft Security Bulletins. Enabling analysts to have the community-driven vulnerability information immediately available whenever there is a CVE or KB ID on their screen.
Learn moreWith Polarity’s VulnDB integration, you have ready access to the vast intelligence that VulnDB provides anytime there is a CVE on your screen. No matter what you are looking at, whether it’s the output of a vulnerability scan or a PDF with the latest threat information, you will have the power of VulnDB’s vulnerability data overlaid on your screen. The integration also provides a link directly to VulnDB’s SaaS Portal, ensuring you have full access to VulnDB’s comprehensive vulnerability intelligence right when it’s needed most.
Learn moreThe Polarity - Merriam Webster integration queries Merriam Webster to return dictionary information about words contained in an on-demand search.
Learn moreWikipedia is a free online encyclopedia, created and edited by volunteers around the world and hosted by the Wikimedia Foundation.
Learn moreDisplays information about Windows security audit events
Learn moreThe best worldwide market data provider.
Learn moreThe Polarity Yara finder uses the Google search API to search for publicly available Yara Signatures from the following websites. * Github.com * Cofense * Fraynhofer.de * Loginsoft
Learn morePolarity's youtube integration gives users the ability to search for and view youtube videos. In the search bar type `yt:` followed by your search term. The integration will return the 30 most relevant videos.
Learn moreZendesk is a customer service and engagement platform. The Polarity Zendesk integration displays relevant ticket information based on email addresses and domains.
Learn moreThe Polarity - Zscaler integration enables analysts to quickly check and see if a domain is a part of a predefined Zscaler category and/or add the domain to another category within Zscaler. Allowing analysts to quickly triage their block and allowlists in Zscaler enabling them to respond quickly to events.
Learn more
Social Media Searcher
Pen Testing Threat Hunting
Learn more
The Polarity Social Media Searcher uses the google search API to pass through programmatically search if there are any known social media accounts on any of the following websites. * facebook.com * twitter.com * instagram.com * tiktok.com * reddit.com * parler.com * linkedin.com
Learn more