Integrations and Collaboration

Integrate Cloud Optix with your Splunk SIEM system to receive instant notification of security events and improve visibility for security operations teams.

Send cloud security events detected by Cloud Optix into Azure Sentinel workspaces and customize the alert levels sent (Critical, High, Medium, and Low).

Send cloud security events detected by Cloud Optix into PagerDuty and customize the alert levels sent (Critical, High, Medium, and Low).

Raise instant alerts to a chosen Slack channel for security events detected by Cloud Optix.

Raise instant alerts to a chosen team for security events detected by Cloud Optix.

Raise instant alerts to a chosen Amazon Simple Notification Service (SNS) topic for security events detected by Cloud Optix.

Filter Cloud Optix AWS Host Inventory to quickly identify EC2 instances for which there are Amazon Inspector findings, while the Network Topology CVE filter allows customers to highlight EC2 instances that have CVEs discovered by Amazon Inspector based on severity.

Receive patch status for EC2 Instances in the Cloud Optix console when AWS Systems Manager is enabled in the EC2 management console.

Cloud Optix Rest API allows teams to scan Infrastructure-as-Code templates at any stage of development (even before upload to Source Control) regardless of what code repository is being used e.g Gitlab.

Automatically scan Infrastructure-as-Code templates in GitHub repositories and detect misconfigurations, embedded secrets, passwords, and keys before they make it into production. Cloud Optix can checks Terraform, AWS CloudFormation, Ansible, Kubernetes, and Azure Resource Manager (ARM) template files.

Automatically scan Infrastructure-as-Code templates in Bitbucket repositories in and detect misconfigurations, embedded secrets, passwords, and keys before they make it into production. Cloud Optix checks Terraform, AWS CloudFormation, Ansible, Kubernetes, and Azure Resource Manager (ARM) template files.

Empower DevOps teams to remediate configuration issues, embedded secrets, passwords, and keys before deployment to production by raising alerts via API directly in the Jenkins build pipeline.

Raise instant alerts to a chosen Amazon Simple Notification Service (SNS) topic for security events detected by Cloud Optix.

Aggregate Amazon GuardDuty alerts into Cloud Optix dashboard regardless of region. When turned on, other enabled integrations such as Jira, Slack, and ServiceNow automatically work for GuardDuty.

Cloud Optix uses machine learning to profile activity using AWS CloudTrail logs, and determine whether certain activity may be ‘high-risk’ based on previous activity.

Discover cross-account and external account S3 access with ease. IAM Access Analyzer findings, provided in the Cloud Optix console, analyze hundreds or even thousands of policies across AWS environments in seconds.

Learn More

Connecting disparate actions across AWS accounts, Amazon Detective integration enables rapid investigation of patterns in behavior to understand the root cause of a security finding, as well as the resources affected.

Learn More

Cloud Optix provides the best of both worlds, with independent Sophos recommendation to optimize costs, and integration with AWS Trusted Advisor when organizations have the necessary AWS support plan in place.

Filter Cloud Optix AWS Host Inventory to quickly identify EC2 instances for which there are Amazon Inspector findings, while the Network Topology CVE filter allows customers to highlight EC2 instances that have CVEs discovered by Amazon Inspector based on severity.

Receive patch status for EC2 Instances in the Cloud Optix console when AWS Systems Manager is enabled in the EC2 management console.

Send cloud security events detected by Cloud Optix into Azure Sentinel workspaces and customize alert levels sent (Critical, High, Medium, and Low).

Cloud Optix cost monitoring integrates directly with the Azure Advisor to enable organizations to receive recommendations to reduce Azure costs alongside AWS in the same console.