Extend the Power of Polarity

Polarity is an overlay on top of all your existing workflows and tools. You can also build on top of Polarity to extend the power of the platform. Explore available open source projects here:

Example of Polarity's product overlaying a window on any application

Polarity's Chronicle Backstory integration allows automated queries to the Events, Assets, and IOC Details endpoints in Chronicle Backstory's API from the Polarity overlay window.

Learn more

The Polarity Cisco Threat Response integration allows Polarity to search the Threat Response Enrich API to return information about various indicator types.

Learn more

The Polarity CyberReason integration allows Polarity to search CyberReason's API to return threat information on IP's, Domains and File Hashes.

Learn more

Dig is a network admin tool for querying DNS servers.

Learn more

The Polarity FireEye Detection on Demand (DoD) integration allows Polarity to quickly identify malicious files contained within the FireEye platform. The FireEye DoD service only supports looking up MD5 hashes.

Learn more

The Polarity-Flashpoint integration enables users to search against Flashpoint Finished Intelligence and Technical Data for additional context on information like IPs, domains and file hashes.

Learn more

The Polarity - Gigamon integration searches Gigamon for detection information as well as any associated DHCP, PDNS or Summary information.

Learn more

The Polarity Google Search Custom Search (CSE) allows the analyst to retrieve and display search results from Google Custom Search programmatically.

Learn more

The Polarity illuminate integration allows Polarity to quickly identify indicators contained within the illuminate platform.

Learn more

The Polarity Intel 471 integration allows Polarity to search the Intel 471 API to return information about various indicator types.

Learn more

Polarity searches ips, hashes, domains and emails within LookingGlass ScoutPrime to recall associated threat information. LookingGlass ScoutPrime is a threat intelligence platform designed to discover, contextualize, prioritize, and orchestrate new and emerging cyber threats.

Learn more

Returns information on the 1 million domains with the most referring subdomains.

image Learn more

The Polarity Malware Bazaar integration allows Polarity to quickly malicious file hashes contained within the Malware Bazaar platform.

Learn more

The Polarity-Mandiant Threat Intelligence Integration allows analysts to have instant data awareness and recall on any intelligence from Mandiant dataset.

Learn more

The Polarity [Maxmind](https://www.maxmind.com/) integration allows Polarity to retrieve geolocation information for IPv4 and IPv6 addresses using the MaxMind GeoIP2 or GeoLite2 databases. MaxMind GeoIP2 data identifies the location and other characteristics of Internet users for a wide range of applications including fraud detection, traffic analysis, compliance, and geo-targeting.

image Learn more

The Polarity MISP integration allows Polarity to search your instance of MISP to return valid information about domains, IPs, and hashes. The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.

image Learn more

The Polarity MISP Warning Lists integration searches MISP hash, domain and IPv4 based warning lists and returns related list information.

Learn more

AutoFocus™ is a contextual threat intelligence service that accelerates analysis, correlation, and prevention workflows.

image Learn more

Returns Passivetotal whois intelligence for domains and emails.

image Learn more

Pulsedive is a brand-new analyst-centric threat intelligence platform that can provide users with comprehensive community threat intelligence to help identify known threats.

image Learn more

Recorded Future’s unique technology collects and analyzes vast amounts of data to deliver relevant cyber threat insights in real time.

image Learn more

The Polarity RIPEstat integration allows Polarity to return all announced prefixes for a given ASN via the RIPEstat Data API.

Learn more

Polarity - RiskIQ integration allows Polarity to search RiskIQ Security Intelligence Services (SIS API) to return threat information on IP's, Domains and URL's.

image Learn more

The Polarity Securonix integration allows Polarity to search Securonix API to return User Violation information on Emails, Domains and IP's.

Learn more

Shodan is the world’s first search engine for internet connected devices. Shodan has servers located around the world that crawl the Internet 24/7 to provide the latest Internet intelligence.

image Learn more

Identifies Snort Signatures and allows for quick pivot to rule documentation

image Learn more

ThreatConnect is a threat intelligence, analytics, and orchestration in one platform that will save your team time while making informed decisions for your security operations and strategy.

image Learn more

ThreatQ is a [threat intelligence platform](https://www.threatq.com/threat-intelligence-platform/) designed to accelerate security operations through context, prioritization, and automation, providing security teams greater focus and better decision making.

image Learn more

The Polarity TruSTAR integration allows Polarity to search the TruSTAR API to return information about various indicator types.

image Learn more

Want to learn more?

See Polarity in more detail, or check out our blog

Read blog Get started