Extend the Power of Polarity

Polarity is an overlay on top of all your existing workflows and tools. You can also build on top of Polarity to extend the power of the platform.

The Polarity - AbuseIPDB Integration supports the enrichment of IP addresses in ipv4 and ipv6 format.

Learn more

Microsoft Active Directory is a directory service developed for Windows domain networks.

Learn more

The Polarity-AlienvaultOTX integration will return results from different Pulses that the security community is adding to AlienvaultOTX. The integration will return known pulse information on hash, IPs, and domains, allowing analysts to see potential indicators of compromise and malware-related information.

image Learn more

The Polarity <> Analyst1 integration allows Polarity to get quick identification of Indicators and CVEs associated to Actors, Malware, and MITRE ATT&CK from the Analyst1 platform. Analyst1 maintains a comprehensive threat intelligence archive from free, paid, and internal sources powered by NLP automation and analyst curation. Analyst1 provides total data provenance in control by the customer, greatly increasing the simplicity of access and depth of data available for Polarity’s augmented views to end users.

image Learn more

Anomali STAXX gives you an easy way to access any STIX/TAXII feed. The STAXX Portal equips users with tools for researching Indicators of Compromise (IOCs).

Learn more

The Polarity - Anomali Threatstream integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with Anomali Threatstream, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to Anomali, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - Anomali Threatstream - provides context around indicators in Threatstream. Polarity Anomali Threatstream IOC Submission - enables analysts to bulk submit IOCs to Threatstream.

Learn more

The Polarity- Arin integration automatically enriches IP addresses based on ARIN's vast internet registry, enabling analysts to see the ownership and network information related to an IP address.

image Learn more

Carbon Black Response is a highly scalable, real-time EDR with unparalleled visibility for top security operations centers and incident response teams.

image Learn more

The Polarity Censys integration allows the Polarity user to quickly perform research against the three Censys maintained datasets collected via daily ZMap scans of the Internet and by synchronizing with public certificate transparency logs.

image Learn more

Polarity's Chronicle Backstory integration allows automated queries to the Events, Assets, and IOC Details endpoints in Chronicle Backstory's API from the Polarity overlay window.

Learn more

The Polarity Cisco Threat Response integration allows Polarity to search the Threat Response Enrich API to return information about various indicator types.

Learn more

The Polarity-Cisco Umbrella (formerly known as OpenDNS) provides immediate awareness on domains. Enabling an analyst to quickly know if a domain is malicious benign or uncategorized, also categorizing the domain into content and security categories.

image Learn more

The Polarity-Confluence integration benefits analysts by facilitating access to up-to-date information for any Space, Attachment, Page, or Blog associated with the connected Confluence account. Results are returned for any email address, domain name or IPv4/6 address mentioned in a Jira ticket’s description.

image Learn more

Polarity's Cortex XSOAR integration allows automated queries against Cortex XSOAR's incident database, creates incidents from entities, and allows a user to execute predefined playbooks from Polarity.

Learn more

CRITs is an open source malware and threat repository that leverages other open source software to create a unified tool for analysts and security experts engaged in threat defense.

Learn more

CVE Search is a tool to import CVE (Common Vulnerabilities and Exposures) and CPE (Common Platform Enumeration) into a MongoDB to facilitate search and processing of CVEs.

Learn more

The Polarity - Cyber Risk Analytics integration searches Cyber Risk Analytics for known breaches related to domains and emails on your screen.

Learn more

CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more. The Polarity CyberChef Integration allows you to leverage much of CyberChefs functionality by searching for any string on demand and enables you build out recipes based on the data you search.

image Learn more

The Polarity CyberReason integration allows Polarity to search CyberReason's API to return threat information on IP's, Domains and File Hashes.

Learn more

The CyberSponse CyOPs platform is a holistic and enterprise built security orchestration and security automation workbench that empowers security operation teams.

Learn more

The Polarity-Dig integration allows an analyst to quickly run the dig command on their Polarity server, enabling analysts to quickly see associated domains, IPs, and headers.

image Learn more

Digital Risk Protection Software is designed to protect you from external threats, continually identifying where your assets are exposed, providing sufficient context to understand the risk, and options for remediation. The Polarity Digital Shadows integration allows the Polarity user to quickly perform research against the Digital Shadow's search features.

image Learn more

DiscoverOrg contains the most accurate and robust sales and marketing intelligence available in the market. Polarity brings that information to you in near real time.

Learn more

The Polarity - DomainTools Iris integration provides comprehensive threat intelligence from DomainTools historical whois information. The integration allows analysts to see an IRIS risk score.

image Learn more

The Polarity-Elasticsearch integration allows analysts to get real-time insights into any data contained within indexes in Elasticsearch, enabling analysts to work faster and more efficiently.

image Learn more

The Polarity - EmailRep integration returns reputation and history information about an email, allowing analysts to quickly understand if an email is something that is suspicious based on the EmailRep information.

image Learn more

Occasionally our users come across UNIX Epoch time, the representation of time as the number of seconds elapsed since January 1st, 1970. Polarity automatically converts Epoch time to a readable time.

Learn more

Farsight Security’s DNSDB™ is a Passive DNS historical database that provides a unique, fact-based, multifaceted view of the configuration of the global Internet infrastructure.

Learn more

The FIR (Fast Incident Response) integration searches the FIR cybersecurity incident management platform for artifacts contained within cybersecurity incidents.

Learn more

The Polarity FireEye Detection on Demand (DoD) integration allows Polarity to quickly identify malicious files contained within the FireEye platform. The FireEye DoD service only supports looking up MD5 hashes.

Learn more

The Polarity - Flashpoint integration queries the indicators, reports, and forums endpoints in Flashpoint for IPs, domains, CVEs, and file hashes. These capabilities enable analysts to have a complete threat picture of indicators Flashpoint has information on, even enabling the analyst to quickly pivot to Flashpoint for further analysis.

image Learn more

On-demand integration which converts selected text to a user-chosen font for accessibility purposes.

Learn more

FullContact’s enrichment APIs let you transform partial identities into complete profiles to connect with prospects, capture audience insights, and enhance customer experiences.

Learn more

The Polarity - Gigamon integration searches Gigamon for detection information as well as any associated DHCP, PDNS or Summary information.

Learn more

The Polarity Google Search Custom Search (CSE) allows the analyst to retrieve and display search results from Google Custom Search programmatically.

Learn more

The Polarity - Google Maps integration enables analysts to geo-locate and pull back a map from google based on a lat-long or an address.

image Learn more

The Polarity - Google Translate integration enables analysts to quickly translate any foreign text to English with Polarity’s On-Demand mode. Allowing analysts to have a better understanding of what is being discussed in forums etc.

image Learn more

The Polarity - GreyNoise integration searches IPs in GreyNoise for internet scan and attack activity related to indicators on your screen. The scan and attack activity is then displayed via the Polarity Overlay Window, and we support the GreyNoise Community API out of the box if you do not already have an Enterpise API Key.

image Learn more

HackerOne is a hacker-powered security platform that provides unmatched cybersecurity speed, depth and breadth of coverage at a greater value. Polarity's HackerOne integration allows automated queries against HackerOne's API for all of your programs information relating to Scopes, Valued Vulnerabilities, Weaknesses, and Reports.

Learn more

Check if you have an account that has been compromised in a data breach.

Learn more

The Polarity-HYAS integration effectively provides “HYAS Insight anywhere” by searching HYAS Insight for IPs, domains, emails, and hashes.

image Learn more

Hybrid Analysis is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology.

Learn more

IBM X-Force Exchange is a cloud-based threat intelligence sharing platform enabling users to rapidly research the latest security threats, aggregate actionable intelligence and collaborate with peers.

Learn more

iDefense Security Intelligence Services provides security intelligence through the next generation IntelGraph platform that provides context, visualizations, searching, alerting and a robust RESTful API.

Learn more

The Polarity Intel 471 integration allows Polarity to search the Intel 471 API to return information about various indicator types.

Learn more

The ipinfo core API product returns geolocation, ASN, and hostname information for an IP address.

Learn more

The Local-Calling Guide contains local calling, area code, and prefix information for Canada, the United States of America, and other countries that are part of the North American Numbering Plan.

Learn more

Polarity searches ips, hashes, domains and emails within LookingGlass ScoutPrime to recall associated threat information. LookingGlass ScoutPrime is a threat intelligence platform designed to discover, contextualize, prioritize, and orchestrate new and emerging cyber threats.

Learn more

Returns information on the 1 million domains with the most referring subdomains.

image Learn more

The Polarity Malware Bazaar integration allows Polarity to quickly malicious file hashes contained within the Malware Bazaar platform.

Learn more

The ServiceDesk Plus MSP integration currently searches custom work-order fields to identify tickets related to IP addresses on your screen. ServiceDesk Plus MSP is a web-based, ITIL-ready helpdesk software designed specifically for managed service providers.

Learn more

The Polarity-Mandiant Threat Intelligence Integration allows analysts to have instant data awareness and recall on any intelligence from Mandiant dataset.

image Learn more

The Polarity - Maxmind integration replicates the Geolocation database from Maxmind to enable analysts to have complete geo-location information for IP addresses, enabling analysts to quickly have an understanding of where an IP is located.

image Learn more

Polarity's MeaDefender integration gives users access to potentially malicious file hash lookups against the MetaDefender OPSWAT REST API. MetaDefender is a cyber security platform for preventing and detecting cyber security threats on multiple data channels.

image Learn more

The Polarity - MISP integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with MISP, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to MISP, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - MISP - provides context around indicators in MISP. Polarity -MISP IOC Submission - enables analysts to bulk submit IOCs to MISP.

image Learn more

The Polarity MISP Warning Lists integration searches MISP hash, domain and IPv4 based warning lists and returns related list information.

Learn more

AutoFocus™ is a contextual threat intelligence service that accelerates analysis, correlation, and prevention workflows.

image Learn more

Returns Passivetotal whois intelligence for domains and emails.

image Learn more

Instantly know if your account or other personal was "dumped".

image Learn more

The Polarity - Phantom integration enables an analyst to have an immediate understanding of indicators in their Phantom artifacts and containers, while also providing a complete history of the playbooks and actions taken against the indicator, as well as enabling the analysts to run a playbook based on an indicator that either is not contained within an artifact or container or exists currently.

image Learn more

The Polarity-Pipl integration allows the Polarity user to quickly perform research against persons of interest via email address and telephone number recognition.

image Learn more

Polarity searches poolparty to return an ontology based around keywords.

Learn more

PostgreSQL is a powerful, open source object-relational database system.

Learn more

The Polarity - Pulsedive integration provides analysts real time community driven threat intelligence on ips and domains. Allowing analysts to have the vast risk knowledge that Pulsedive can provide in any workflow they are using.

image Learn more

IBM® QRadar® SIEM detects anomalies, uncovers advanced threats and removes false positives.

Learn more

Rapid7 Nexpose looks up IPs for related vulnerabilities that Nexpose has identified

image Learn more

The Polarity - Recorded Future searches the Recorded Future API for threat information on associated indicators. Allowing analysts to have the power of Recorded Future's vast threat intelligence no matter what application they are looking at, enabling better data awareness and recall.

image Learn more

Redis is an open source, in-memory data structure store, used as a database, cache and message broker. This integration provides a template for connecting to Redis to return data from user-defined queries.

Learn more

Open-source project management application. There is also the Redmine Issue Creator integration, which allows for users to create a ticket in Redmine.

image Learn more

The Polarity - IBM Resilient integration searches the Resilient Incident Response Platform for incidents related to indicators on your screen. The integration can search across artifacts, incidents, tasks, and notes. Incident and tasks searches are full-text searches against all fields. Artifact searches are exact match searches against the artifact's value. Note searches are full-text searches against the content of the note. If a result is found, the integration will display information about the related incident. Incidents are deduplicated so that an incident is only shown a single time even if it has multiple matches. This allows analysts to quickly see when there are related tickets, enabling them to triage and close tickets faster and more efficiently.

image Learn more

ReversingLabs delivers industry-leading threat detection and analysis solutions that address the latest generation of cyber attacks.

image Learn more

The A1000 Malware Analysis Platform supports advanced hunting and investigations through the TitaniumCore high-speed automated static analysis engine.

image Learn more

The Polarity RIPEstat integration allows Polarity to return all announced prefixes for a given ASN via the RIPEstat Data API.

Learn more

Polarity - RiskIQ integration allows Polarity to search RiskIQ Security Intelligence Services (SIS API) to return threat information on IP's, Domains and URL's.

image Learn more

The Polarity Archer integration allows freeform text searching for IPs, Hashes, domains as well as tracking IDs for core applications such as Devices, Applications, Risk Registry, Security Incidents and Findings in your Archer instance.

image Learn more

Find customers, close deals faster, and grow accounts with Salesforce, the world’s #1 Customer Relationship Management (CRM) platform.

image Learn more

The Polarity Securonix integration allows Polarity to search Securonix API to return User Violation information on Emails, Domains and IP's.

Learn more

The Polarity - ServiceNow SIR integration enables analysts to have a complete view of indicators and incident response issues, enabling analysts to quickly triage information and make a quick decision.

image Learn more

Polarity's ServiceNow Security Incident Response (SIR) Integration allows the lookup of ServiceNow security incidents (e.g. SIR00000012), and Observables including IP addresses, CVE's, web domains, file hashes and e-mail addresses against your instance of ServiceNow.

image Learn more

The Polarity Sharepoint integration allows freeform text searching for IPs, hashes, and domains in your Sharepoint instance and retrieves related documents.

image Learn more

The Polarity - Shodan integration provides immediate awareness to Shodan’s vast Internet of Things search engine. Enabling analysts to quickly triage the location, associated domains and headers for an IP.

image Learn more

The Polarity SlashNext integration allows Polarity users to leverage SlashNext's On-demand Threat Intelligence (OTI) for the analysis of suspicious IPv4 addresses and domains.

image Learn more

Identifies Snort Signatures and allows for quick pivot to rule documentation

image Learn more

The Polarity - Splunk integration enables you to quickly search any index in your Splunk Enterprise or Splunk Cloud instances. Enabling you to have complete awareness of any indicators that matter to you and your teams.

image Learn more

The Polarity Spur integration allows for IP entity types to be enriched against the Spur Context API.

Learn more

Microsoft SQL Server is a relational database management system. This integration provides a template for connecting to SQL Server to return data from user-defined queries.

Learn more

Swimlane automates manual processes and operational workflows by delivering powerful, consolidated analytics, real-time dashboards, and reporting from across your security infrastructure.

image Learn more

The Polarity tenable.sc (formerly Security Center) integration allows Polarity to search the tenable.sc API to return information about various indicator types.

image Learn more

The Polarity - TheHive integration allows Polarity to search TheHive's Search API to return threat information on IP's, Domains and URL's.

image Learn more

The Polarity - ThreatConnect integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with ThreatConnect, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to ThreatConnect, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - ThreatConnect - provides context around indicators in ThreatConnect and enables users to link out to Playbooks and run from the ThreatConnect Ui. Polarity -ThreatConnect IOC Submission - enables analysts to bulk submit IOCs to Threatstream.

image Learn more

The Polarity - ThreatQuotient integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with ThreatQuotient, one that enables a user to see the threat information on indicators and one to bulk submit indicators to ThreatQuotient, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - ThreatQuotient - provides context around indicators in ThreatQuotient. Polarity -ThreatQuotient IOC Submission - enables analysts to bulk submit IOCs to Threatstream.

image Learn more

The Polarity TrapX integration allows Polarity to search the TrapX DeceptionGrid API to return event information on IP addresses.

Learn more

The Polarity TruSTAR integration allows Polarity to search the TruSTAR API to return information about various indicator types.

image Learn more

The Polarity Unshorten.me integration allows Polarity to Un-Shorten URLs created by URL shortening services.

image Learn more

UPS Developer APIs allow users to display the status and location of packages from UPS.

Learn more

The Polarity URL Pivot integration allows an analyst to run an on-demand query against an IP, hash, domain or email to return a list of queries that they can then execute in their SIEM or any other URL users want to search.

Learn more

The Polarity-Urlscan integration will return results from the most recent relevant scan performed by the Urlscan service. After searching for the scan, additional scan details are returned by retrieving the overall verdict information to include whether the indicator is malicious, the overall score, tags, categories and brands.

image Learn more

The Polarity-VirusTotal integration provides instant awareness on hashes from VirusTotals vast database on malicious indicators. Enabling analysts to triage file hashes and IPs to see if there are any known viruses, trojans etc that have been associated with them.

image Learn more

The Polarity - VulDB integration provides immediate awareness of vulnerability information related to CVE’s and Microsoft Security Bulletins. Enabling analysts to have the community-driven vulnerability information immediately available whenever there is a CVE or KB ID on their screen.

image Learn more

With Polarity’s VulnDB integration, you have ready access to the vast intelligence that VulnDB provides anytime there is a CVE on your screen. No matter what you are looking at, whether it’s the output of a vulnerability scan or a PDF with the latest threat information, you will have the power of VulnDB’s vulnerability data overlaid on your screen. The integration also provides a link directly to VulnDB’s SaaS Portal, ensuring you have full access to VulnDB’s comprehensive vulnerability intelligence right when it’s needed most.

image Learn more

The Polarity - Merriam Webster integration queries Merriam Webster to return dictionary information about words contained in an on-demand search.

Learn more

Wikipedia is a free online encyclopedia, created and edited by volunteers around the world and hosted by the Wikimedia Foundation.

Learn more

Displays information about Windows security audit events

Learn more

The best worldwide market data provider.

Learn more

Zendesk is a customer service and engagement platform. The Polarity Zendesk integration displays relevant ticket information based on email addresses and domains.

Learn more

Want to learn more?

See Polarity in more detail, or check out our blog

Read blog Get started