Extend the Power of Polarity

The Polarity-AlienvaultOTX integration will return results from different Pulses that the security community is adding to AlienvaultOTX. The integration will return known pulse information on hash, IPs, and domains, allowing analysts to see potential indicators of compromise and malware-related information.

Anomali STAXX gives you an easy way to access any STIX/TAXII feed. The STAXX Portal equips users with tools for researching Indicators of Compromise (IOCs).

The Polarity - Anomali Threatstream integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with Anomali Threatstream, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to Anomali, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - Anomali Threatstream - provides context around indicators in Threatstream. Polarity Anomali Threatstream IOC Submission - enables analysts to bulk submit IOCs to Threatstream.

Returns information on the 1 million domains with the most referring subdomains.

The Polarity - Maxmind integration replicates the Geolocation database from Maxmind to enable analysts to have complete geo-location information for IP addresses, enabling analysts to quickly have an understanding of where an IP is located.

Polarity's MeaDefender integration gives users access to potentially malicious file hash lookups against the MetaDefender OPSWAT REST API. MetaDefender is a cyber security platform for preventing and detecting cyber security threats on multiple data channels.

The Polarity - MISP integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with MISP, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to MISP, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - MISP - provides context around indicators in MISP. Polarity -MISP IOC Submission - enables analysts to bulk submit IOCs to MISP.

Returns Passivetotal whois intelligence for domains and emails.

The Polarity - Pulsedive integration provides analysts real time community driven threat intelligence on ips and domains. Allowing analysts to have the vast risk knowledge that Pulsedive can provide in any workflow they are using.

The Polarity - Recorded Future searches the Recorded Future API for threat information on associated indicators. Allowing analysts to have the power of Recorded Future's vast threat intelligence no matter what application they are looking at, enabling better data awareness and recall.

Polarity - RiskIQ integration allows Polarity to search RiskIQ Security Intelligence Services (SIS API) to return threat information on IP's, Domains and URL's.

The Polarity - Shodan integration provides immediate awareness to Shodan’s vast Internet of Things search engine. Enabling analysts to quickly triage the location, associated domains and headers for an IP.

Identifies Snort Signatures and allows for quick pivot to rule documentation

The Polarity - ThreatConnect integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with ThreatConnect, 1 that enables a user to see the threat information on indicators and one to bulk submit indicators to ThreatConnect, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - ThreatConnect - provides context around indicators in ThreatConnect and enables users to link out to Playbooks and run from the ThreatConnect Ui. Polarity -ThreatConnect IOC Submission - enables analysts to bulk submit IOCs to Threatstream.

The Polarity - ThreatQuotient integration(s) enable a user to have an immediate understanding of their threat landscape when looking at indicators. Polarity has two integrations with ThreatQuotient, one that enables a user to see the threat information on indicators and one to bulk submit indicators to ThreatQuotient, enabling security analysts across teams to contribute and gain immediate awareness. Polarity - ThreatQuotient - provides context around indicators in ThreatQuotient. Polarity -ThreatQuotient IOC Submission - enables analysts to bulk submit IOCs to Threatstream.

The Polarity TruSTAR integration allows Polarity to search the TruSTAR API to return information about various indicator types.

The Polarity - VulDB integration provides immediate awareness of vulnerability information related to CVE’s and Microsoft Security Bulletins. Enabling analysts to have the community-driven vulnerability information immediately available whenever there is a CVE or KB ID on their screen.

With Polarity’s VulnDB integration, you have ready access to the vast intelligence that VulnDB provides anytime there is a CVE on your screen. No matter what you are looking at, whether it’s the output of a vulnerability scan or a PDF with the latest threat information, you will have the power of VulnDB’s vulnerability data overlaid on your screen. The integration also provides a link directly to VulnDB’s SaaS Portal, ensuring you have full access to VulnDB’s comprehensive vulnerability intelligence right when it’s needed most.