The ZeroFox App Library: Intelligent Integrations for Effective Cybersecurity

Threat actors of today operate seamlessly across a variety of online environments for their malicious activities. They have become adept at maneuvering between platforms to conduct multi-channel attacks, placing more demand on security programs now more than ever before. Since the turn of the millennium, the rapid advancement and circulation of computing technologies have given rise to an unprecedented number of interconnected individuals. In turn, this has also driven an increase in opportunity for cyber threat activity ranging from sophisticated nation-state hacking and cybercrime-as-a-service models to compromised account takeovers and phishing scams. 

There are legitimate reasons for security teams to care about what is coming next and how best to prepare. In 2020 alone, ZeroFox threat researchers published nearly 1,500 internal reports on notable findings across the cybercriminal ecosystem of forums, marketplaces, data leak sites, encrypted chat platforms and discussion boards. The Forrester Wave: External Threat Intelligence Services, Q1, 2021, notes that, “according to Forrester Analytics’ Business Technographics® survey data, global security decision-makers now subscribe to an average of 7.5 commercial external threat intelligence services, which is up from an average of 4.2 vendors in 2018.” When considering just how many different systems the average security team uses, clearly seamless integration is critical in order to connect the stack and allow systems to work together. Not only does this save security teams time, it also aids in increasing awareness of threats collaboratively across tools. (Read more on ZeroFox’s rank as a Strong Performer in the new Wave, noted by Forrester as best in class for brand threat intelligence use cases and takedown services.) 

The balance between defenders and threat actors continues to change. Often the trends we observe are directly linked to the move counter-move nature of the struggle. Security teams must once again rise to new challenges posed by ever-evolving threats. The ZeroFox team has refused to simply stand by and watch the trends we see forming. Our team is constantly pushing the industry standard, moving forward in rapid response with enhanced services and innovative solutions. The ZeroFox Platform provides a global data collection engine, artificial intelligence-based analysis and automated remediation. This Digital Risk Protection Platform protects critical digital assets and data from digital threats at the scale and speed of the internet. Just weeks ago we announced the launch of the ZeroFox Global Partner Program, another leap forward following the company’s significant expansion of cyber threat intelligence capabilities and the addition of three 24/7 global security operations centers (SOCs). Now we are adding another significant layer for security teams with the introduction of the industry’s most extensive App Library.

How Does an App Library Deliver Integrated Solutions? 

Effective security programs require integrated solutions that break down silos, augment existing security tools and allow for smarter decision-making with integrated threat intelligence. The ZeroFox App Library contains over 700 apps, including data sources across the surface, deep and dark web. This encompasses industry-leading technology partner integrations like Splunk, Elastic, Maltego, Anomali and IBM QRadar. We continue to work with disruption providers, including domain hosts, registrars, marketplaces and more. It’s truly a one-stop-shop for all things integrated with digital risk protection and threat intelligence, saving security teams valuable time and resources.

The library has been developed with three key areas in mind:

• Intelligence Collection and Enrichment: Applications that automate the collection and processing of intelligence data across the surface, deep and dark web, social media, mobile app stores, collaboration tools and e-marketplaces.
• Security Event Integration and Orchestration: Applications that allow SOC and security teams to easily share data between platforms and extend visibility and analysis with tools like SIEMs, SOARs and TIPs. 
• Incident Remediation and Disruption: Applications that enable swift remediation of external threats by disrupting attacker infrastructure, including domain hosts and registrars such as GoDaddy, Google Domains and Cloudflare.

In today’s threat landscape, fostering a more connected security ecosystem that integrates seamlessly with existing systems and processes is a must. The App Library is the solution and facilitates effective threat intelligence enrichment, alert orchestration, incident remediation and more. We’ve partnered with hundreds of security, technology, digital platform and data providers to create the industry’s broadest integration ecosystem. Categories include Analytics & Investigation, Collaboration, Collection, Disruption, Identification, Orchestration & ITSM, Protection, Vulnerability & Risk, all of which are pre-integrated within the ZeroFox Platform. 

This is just the beginning. New integration partners and applications are added to the App Library ecosystem weekly. These partnerships provide value to enterprises seeking greater visibility and contextualization across the external threat landscape within a single system. Customers can access these apps through extensible REST APIs and pre-built connectors for seamless integrations with their current tech stack.

Get Started

ZeroFox is committed to innovating at a world-class pace in support of a more connected security ecosystem. Join us as we continue to grow our solutions further to ensure a more connected, intelligence-driven tomorrow. To learn more and see the ZeroFox App Library in action, please visit zerofox.wpenginepowered.com/app-library.

Brent Davidson, ZeroFox’s Vice President of Global Business Development, Introduces the ZeroFox App Library