Threat Protection for Technology Partners

Integrate your applications with Symantec Threat Protection and Security Analytics. 

You get full visibility into any activity—from network, to email, to endpoint—allowing you to perform advanced forensics from a "system of record" and orchestrate incident response—like forensics investigations using full packet detail, isolating an endpoint from your network, or removing malicious files from your email.

By combining Symantec's ATP and Anomali's ThreatStream threat intelligence platform, investigation and remediation efforts are enhanced by augmenting Dynamic Adversary Intelligence (DAI) with confidence and threat scores, which Anomali derives from hundreds of threat data sources. In addition, ATP users will be able to perform lookups against Anomali's rich, contextualized data, thereby dramatically decreasing response times and increasing the effectiveness of their investigations.

Symantec Protection Engine is a flexible and feature-rich client/server application that allows customers to incorporate malware and threat detection technologies into almost any application. Compuverde's vNAS is a fully software-defined and hardware-agnostic storage solution. It offers high redundancy, scalability and performance for much less than other storage options.

CounterTack Sentinel provides a pivot link into Security Analytics with meta data around events in the URL. Security Analytics captures all network traffic and therefore can provide packet-level detail and artifact reconstruction to events discovered through CounterTack Sentinel, reducing the time to resolution by finding the source of the attack.

Symantec SEP and DLP feed the Cyber Observer security-domain-agnostic orchestration management and awareness solution, with the goal of providing enterprise customers with a complete and holistic view of the health status and preparedness of their cyber security ecosystem.

CyberSponse enables companies to defend and counter attackers through a unique and collaborative security operations platform that facilitates comprehensive incident response lifecycle management.

Symantec Protection Engine provides scalable, high-performance threat detection services to protect valuable data stored on Dell FluidFS distributed file system based network attached storage (NAS) devices.

Demisto and ATP together provide organizations the ability to orchestrate actions when an incident is generated in ATP. Out-of-the-box playbooks allow companies to quickly take action on potential attacks against their organization. Additional Symantec product integrations in Demisto allow companies to have a one-stop solution to automate actions across an entire portfolio of products from the endpoint through the network.

DFLabs is an award-winning and recognized global leader in security orchestration, automation and response (SOAR) technology. The company's management team has helped shape the cyber security industry, which includes co-editing several industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan SOAR, has been adopted by Fortune 500 and Global 2000 organizations worldwide.

Elastic builds software to make data usable in real time and at scale for search, logging, security, and analytics use cases. Founded in 2012, the company develops the open source Elastic Stack (Elasticsearch, Kibana, Beats, and Logstash), X-Pack (commercial features), and Elastic Cloud (a SaaS offering).

Symantec Content Analysis and Security Analytics act as filters of unknown content before sending on for sandbox detonation. They both can send files to FireEye AX or NX for sandbox detonation, allowing customers to leverage their investment and optimize precious sandboxing resources.

Through its integration with ATP, Forescout allows companies to quickly isolate from the network a system that has been determined to be compromised. The two products working together can help limit the attack surface and prevent further infection.

Forescout CounterACT provides real-time visibility and control capabilities to validate SEP agent integrity, trigger real-time malware scans, help enforce compliance at device connection time, and provide automated response options to isolate or restrict network access of non-compliant or infected devices and facilitate remediation actions.

The partnership combines Symantec's endpoint protection leadership with Fortinet's best-in-class network security and Fabric integration to deliver unparalleled security protection.

Symantec Protection Engine provides scalable, high-performance threat detection services to protect valuable data stored on HP's 3PAR and StoreAll storage solutions.

Symantec Protection Engine provides scalable, high-performance threat detection services to protect valuable data stored on Hitachi's Network Attached Storage (HNAS) platform.

IBM's QRadar leverages log information from a number of Symantec products and analyzes packet capture data of Symantec's Security Analytics to provide context that enables rapid response to SIEM attack alerts.

Symantec Advanced Threat Protection (ATP) helps you uncover, prioritize, investigate, and remediate complex attacks across endpoint, email, and network from one console. The Symantec ATP App provides aggregated as well as individual visualizations for Network and Endpoint by collecting data from Symantec ATP.

Download the latest Symantec Apps for IBM on Symantec Connect.

Symantec Security Analytics is able to send unknown files to the Lastline Breach Detection Platform for detonation in its sandbox. Symantec SSLV has also been certified/tested to work with the Lastline Breach Detection Platform.

ArcSight ESM is an industry-leading Security Incident and Event Management (SIEM) technology. Symantec Security Analytics provides full packet-level detail to ArcSight ESM and can reconstruct what happened after an ArcSight ESM event. Security Analytics can provide details to help assess damage that may have already occurred within the corporate network and prevent data loss going forward.

The integration of Symantec's Security Analytics (SA) with the NetApp E-Series Fibre Channel storage arrays enables customers to conduct more comprehensive analysis and swifter resolution of attacks and breaches, even in the largest, most demanding networks. The joint solution allows customers to capture, store, analyze and retrieve complete network traffic instantly and at a lower total cost of ownership.

Symantec Protection Engine provides scalable, high-performance threat detection services to protect valuable data stored on NetApp's Data ONTAP data management solution.

Symantec Protection Engine provides scalable, high-performance threat detection services to protect valuable data stored on Nutanix's AFS distributed file server based network attached storage (NAS) devices.

The OPSWAT OESIS Framework assesses and modifies the settings of SEP and thousands of other applications on a given endpoint and rapidly assesses the vulnerability of any system or collection of endpoint devices. Symantec Endpoint Protection is supported by the OESIS Framework, a cross-platform endpoint SDK that enables customers and partners to develop products for securing and managing endpoints, leveraging the Framework's ability to assess vulnerabilities and out-of-compliance endpoint applications as well as modify their settings.

The Red Hat and Symantec partnership ensures compatibility for Symantec's products on Red Hat Enterprise Linux. Symantec products that offer full-feature capabilities on RHEL include Symantec Endpoint Protection, Data Center Security, and Cloud Workload Protection.

Symantec and ReversingLabs offer a powerful integration allowing Security Analytics to send extracted file samples to ReversingLabs TiScale for automated static analysis and discovery of malicious files, at scale.

The joint solution between Safe-T SDA, Symantec DLP and Symantec SEP ensures organizations can now centrally control all incoming and outgoing data flows, regardless of their source or destination.

Securonix captures and analyzes Symantec's comprehensive endpoint protection ecosystem for the latest endpoint threat intelligence, continuous protection and prevention. Empowered by Symantec proactively stopping virus, malware, ransomware, and non-malware attacks, Securonix SNYPR's machine learning capability can provide further analysis to search for patterns of insider threats, data exfiltration, application security, and other cyber security threats.

The Symantec ATP app lets you aggregate incident and related event data from your Symantec ATP appliances. The Symantec ATP app replicates incidents and related events from your ATP appliances into ServiceNow Security Operations so you can leverage ServiceNow's platform for Incident Management and automate workflows to help you investigate potential threats in your environment and take immediate action.

Siemplify and Symantec's Advanced Threat Protection (ATP) work together to enable stronger detection and response capabilities, providing SOC teams with a fully integrated solution that drives more effective and rapid security event identification, investigation and response.

Siemplify and Symantec Endpoint Protection provide instant context for security alerts as well as automated isolation & response for involved endpoints.

Splunk's Phantom and ATP together provide organizations the ability to orchestrate actions when an incident is generated in ATP. Out-of-the-box playbooks allow companies to quickly take action on potential attacks against their organization. Additional Symantec product integrations in Phantom allow companies to have a one-stop solution to automate actions across an entire portfolio of products from the endpoint through the network.

Register to download a fully functional version of the Phantom Security Operations Platform with access to Symantec-specific automation and orchestration playbooks.

The combination of Splunk and ATP not only gives organizations the ability to collect and store security-related data from multiple control points (email, network, endpoint) in a centralized location with the rest of the organization's data, but also allows them to manage incidents generated from the ATP product line and to automate actions through Splunk’s Enterprise Security and Adaptive Response add-on module.

With the add-on Splunk apps for ATP and Security Analytics, companies can collect end-to-end forensic information from their endpoints using ATP and their network using Security Analytics.

Download the latest Symantec Apps for Splunk on Symantec Connect.

The SUSE and Symantec partnership ensures compatibility for Symantec's products on SUSE Linux Enterprise Server and SUSE Linux Enterprise Desktop. Symantec products that offer full-feature capabilities on SUSE Linux Enterprise include Symantec Endpoint Protection, Data Center Security, and Cloud Workload Protection.

Swimlane is a security operations management platform and a company focused on empowering enterprises and government agencies with data-driven automation and orchestration for incident response and improved security operations.

Syncurity delivers an agile security orchestration, automation & response platform that reduces cyber risk. We make security operations centers (SOCs) more efficient and effective using tightly integrated alert and incident response workflows. IR-Flow uniquely incorporates humans into decision-making, and generates a detailed, immutable security "System of Record" that enables reporting and dashboards for process improvement, audit, and compliance demonstration. Syncurity IR-Flow and Symantec Endpoint Protection combine to speed up security analyst workflow. Users can launch scans, search for malicious hashes in their environment and apply SEP policies from IR-Flow, reducing time to discovery and containment.