Integration Marketplace

Every integration. One flat price per month.

Connect the security, cloud, identity, and IT tools you already run. The ArmorPoint Integration Marketplace gives you 45 connectors and counting, and one monthly price unlocks all of them. No per-integration fees. No metered add-ons.

45 connectors One flat price No per-connector fees
Browse the marketplace

Integration Marketplace.

QuickLaunch
Collect security events from QuickLaunch identity management.
Identity
Beta
Check Point Harmony Email & Collaboration
Collect Check Point Harmony Email & Collaboration logs.
SaaS
Beta
Check Point Harmony Endpoint
Collect Check Point Harmony Endpoint logs.
Endpoints
Agreement
ArmorPoint Dark Web Monitoring
Dark web content monitoring.
Infrastructure
Tenable.nessus
Collect logs from the Tenable Nessus Professional scanner.
Infrastructure
Beta
Cisco Umbrella
Collect logs from Cisco Umbrella.
Firewalls
Agreement
ArmorPoint NMS
ArmorPoint network monitoring.
Infrastructure
SentinelOne
Collect SentinelOne alert and threat logs.
Endpoints
Cisco Secure Endpoint
Collect logs from Cisco Secure Endpoint.
Endpoints
Tenable Vulnerability Management
Collect logs and asset data from Tenable Vulnerability Management (formerly Tenable.io).
Infrastructure
Darktrace
Collect Darktrace AI Analyst, Model Breach, and System Status alerts.
Firewalls
Mimecast
Collect logs from Mimecast.
SaaS
ArmorPoint VMS
ArmorPoint vulnerability management service.
Infrastructure
Trend Micro Vision One
Detection and response across email, endpoints, servers, cloud workloads, and networks.
Endpoints
LastPass
Monitor shared folder data, user data, and event report logs.
Identity
Bitwarden
Monitor collections, events, groups, members, and policies.
Identity
1Password Events Reporting
Collect events from the 1Password Events API.
Identity
Beta
Abnormal AI
Collect logs from Abnormal AI.
SaaS
Alpha
Atlassian Bitbucket
Collect logs from Atlassian Bitbucket.
SaaS
Beta
authentik
Collect logs from authentik.
Identity
AWS
Collect logs and metrics from Amazon Web Services.
Cloud
Azure
Collect logs from Azure services.
Cloud
Beta
Box Events
Collect logs from Box.
Cloud
Cato Networks
Collect overall and audit-level data from the Cato Management Application (CMA).
Firewalls
Citrix ShareFile
Collect reports from Citrix ShareFile.
Cloud
Shared
Cloudflare
Collect logs from the Cloudflare API.
Cloud
CrowdStrike
Collect Falcon logs from CrowdStrike products.
Endpoints
Beta
GitHub
Collect events from GitHub.
SaaS
Google Cloud Platform
Collect logs from Google Cloud Platform.
Cloud
Google Workspace
Collect logs from Google Workspace.
Identity
JumpCloud
Collect logs from JumpCloud Directory-as-a-Service.
Identity
Microsoft 365 Defender
Aggregate logs from M365 Defender, Defender for Endpoint, Office 365, and Identity.
Endpoints
Microsoft Entra ID Entity Analytics
Collect identities from Microsoft Entra ID (formerly Azure Active Directory).
Identity
Microsoft Sentinel
Collect logs from Microsoft Sentinel.
Cloud
Office 365 Logs
Collect event logs from Office 365.
Identity
Okta Logs
Collect event logs from the Okta API.
Identity
Palo Alto Cortex XDR Logs
Collect logs from the Palo Alto Cortex XDR API.
Endpoints
Alpha
Proofpoint TAP
Collect and parse data from Proofpoint TAP.
SaaS
Alpha
Qualys VMDR
Collect data from the Qualys VMDR platform.
Infrastructure
Alpha
Rapid7 InsightVM
Collect logs from Rapid7 InsightVM.
Infrastructure
Alpha
Salesforce
Collect login, logout, Apex, and setup audit-trail logs from Salesforce.
SaaS
Slack Logs
Collect Slack audit and access logs.
SaaS
SMAX Ticket Sync
Sync tickets with OpenText SMAX.
SaaS
Tenable.sc
Collect logs from Tenable.sc.
Infrastructure
Beta
Wiz
Collect logs from Wiz.
Cloud
Pricing that doesn't punish coverage

Turn on every integration you need. The price doesn't move.

Most platforms meter you per connector, so teams ration what they ingest and leave gaps where attacks hide. ArmorPoint includes the entire marketplace in one flat monthly price. Connect as many tools as you want, across every category, without a line-item conversation.

If it isn't on the list

If it can forward a log, we can ingest it.

Named connectors

Turnkey for the common stack.

45 pre-built connectors across endpoint, cloud, identity, network, and SaaS, configured in the platform.

Webhook + syslog

Anything that emits a log.

Custom webhook and syslog ingestion bring in sources that don't have a named connector yet.

Integration Package SDK

Build your own.

An SDK to package a new source yourself, so coverage never waits on a vendor's roadmap.

How it works

Connect a tool. We do the rest.

1
Connect

Authorize the connector or point a syslog feed at us.

2
Normalize

Telemetry is parsed into one common schema across sources.

3
Correlate

Signals are correlated across tools, not siloed by vendor.

4
Act & evidence

The 24/7 SOC investigates, and the same data becomes audit evidence.

What it means for you

Use what you already own. See all of it in one place.

Security lead

One picture across the whole stack. No swivel-chair between consoles.

IT & operations

No rip-and-replace. Keep the tools you bought and get more from them.

Finance

One predictable line item. Coverage grows without the price growing.