Dropzone Integrations

The Dropzone platform supports four types of integrations. Many integrations span multiple categories. For example, CrowdStrike can function as both an alert source and a data source. In addition to these integration types, Dropzone includes Enrichment Tools that enhance investigations without requiring third-party configuration. These are available on the full Integrations page and directly in your tenant under Provided Integrations. Dropzone also offers an API for additional flexibility when integrating with your existing tools and workflows.

Click into each category below to learn more about the integration type and review setup documentation.

Alert Sources

The Dropzone platform creates Investigations based on alerts from Alert Sources. Dropzone has support for many Alert Sources, such as SIEMs, Clouds providers, EDR, and ticketing systems.

Data Sources

Data Sources enrich the information Dropzone uses to perform alert investigations and respond to interactive chat. Dropzone has support for many Threat Intelligence (TI) feeds, tools, and corporate systems such as identity, directory, and SIEM tools.

Communicators

Communicator Integrations allow the Dropzone platform to ask questions of your employee base and use their responses to improve the quality of analysis via our AI Interviewer feature. Want to notify your team of an investigation? You’re able to do that and so much more via our Response Actions feature (more information here).

Remediators

Remediator Integrations enable the Dropzone platform to take containment and remediation actions during malicious instances, when initiated by you. These integrations give you the ability to respond directly within Dropzone, helping you reduce dwell time and mitigate threats more effectively. Want 0-click remediations? You’re able to set those up and so much more via our Response Actions feature (more information here).