32 Integrations with VirusTotal
View a list of VirusTotal integrations and software that integrates with VirusTotal below. Compare the best VirusTotal integrations as well as features, ratings, user reviews, and pricing of software that integrates with VirusTotal. Here are the current VirusTotal integrations in 2026:
-
1
Graylog
Graylog
Graylog is the AI-powered SIEM and log management platform built for security and IT operations. The platform centralizes and analyzes event data from across complex environments to help teams detect threats faster, investigate smarter, and control data costs—without compromise. Graylog combines scalable log management with explainable AI that summarizes dashboards, prioritizes real risks, and automates investigation workflows—while keeping analysts in control. With products including Graylog Security, Enterprise, API Security, and Open, Graylog serves more than 60,000 organizations across 180 countries. Headquartered in Houston with roots in open source, Graylog continues to redefine how modern teams achieve clarity, context, and control across their environments.Starting Price: $1250/month -
2
Criminal IP
AI SPERA
Criminal IP equips security teams with the actionable Threat Intelligence needed to proactively identify, analyze, and respond to emerging threats. Powered by AI and OSINT, it delivers threat scoring, reputation data, and real-time detection of a wide array of malicious indicators, ranging from C2 servers and IOCs to masking services like VPNs, proxies, and anonymous VPNs, across IPs, domains, and URLs. Its API-first architecture ensures seamless integration into security workflows to boost visibility, automation, and response.Starting Price: $0/month -
3
Criminal IP ASM
AI Spera
Criminal IP ASM delivers a threat intelligence-powered approach to attack surface management by combining continuous asset discovery with deep threat analysis across IPs, domains, OSINT, and associated infrastructure. Built on Criminal IP’s advanced scanning and enrichment capabilities, it brings Threat Intelligence context such as vulnerability intelligence, C2 detections, malicious IP/domain correlations, and dark web exposure into every layer of asset discovery in an integrated approach that empowers security teams to proactively identify, prioritize, and mitigate threats before they are exploited. -
4
Airlock Digital
Airlock Digital
Airlock Digital is an application control solution that enforces a Deny by Default security posture. It enables organizations to define trusted applications, scripts, libraries, and processes at a granular level using file hash, path, publisher, or parent process. Only those explicitly defined as trusted are allowed to execute. The platform supports Windows, macOS, and Linux systems, including legacy operating systems and operational technology (OT) environments. Airlock Digital includes allowlisting and blocklisting capabilities, integrated file reputation checks via VirusTotal, and detailed logging for audit and compliance. Exception management is supported through features such as rule-based overrides and time-bound One-Time Passwords (OTPs). Centralized policy management allows consistent enforcement across large and distributed environments. The platform is available as an on-premises deployment, in the cloud, or as a managed hosted service. -
5
threatYeti by alphaMountain
alphaMountain AI
threatYeti by alphaMountain, turns security professionals and hobbyists alike into a senior IP threat intelligence analysts with a browser-based platform that renders real-time threat verdicts for any domain, URL, or IP on the internet. With threatYeti, the risk posed by a domain is rendered instantly with a color-coded rating from 1.00 (low risk) to 10.00 (high risk). threatYeti also protects cyber threat analysts and their networks from risky sites. threatYeti’s no-click categorization presents sites into at least one out of 89 categories so that analysts don’t have to visit them and risk encountering objectionable material or downloading malware. threatYeti also displays related hosts, threat factors, passive DNS, certificates, redirect chains and more, giving analysts the full picture of any host. The result is faster, safer investigations that enable organizations to take conclusive action on domain and IP threats.Starting Price: $0 -
6
ANY.RUN
ANY.RUN
ANY.RUN is an online interactive sandbox for DFIR/SOC investigations. The service gives access to fast malware analysis and detection of cybersecurity threats. The effectiveness of the solution has been proven by over 500,000 active users who find new threats with ANY.RUN daily. ANY.RUN provides an interactive sandbox for malware analysis, offering deep visibility into threat behavior in a secure, cloud-based environment with Windows, Linux, and Android support. It helps SOC teams accelerate monitoring, triage, DFIR, and threat hunting — enabling them to analyze more threats in a team and process more alerts in less time. Learn more at ANY.RUN's website. -
7
KamuSEO
KamuSEO
It's a complete visitor and SEO analytics, a great tool to analyze your site's visitors and analyze any site's information. It has the ability to analyze your own website's information. It has the ability to analyze any other website's information. It has a native API by which developers can integrate its facilities with another app. KamuSEO is an app to analyze your site visitors and analyze any site's information such as Alexa data, similar web data, whois data, social media data, Moz check, search engine index, Google page rank, IP analysis, malware check, etc. Input a domain name and you will get a js code. Copy the embedded js code and paste it into your web page. You will get a daily report about your website. You will get some bonus utility tools such as email encoder/decoder, metatag generator, tag generator, plagiarism check, valid email check, duplicate email filter, URL encoder/decoder, etc.Starting Price: $29 per month -
8
IZArc
IZArc
Zip and unzip files. Passwords protect archives with strong AES encryption. Support 7-ZIP, RAR, TAR and many other archives. IZArc is the best free file compression utility supporting many archive formats like 7-ZIP, A, ARC, ARJ, B64, BH, BIN, BZ2, BZA, C2D, CAB, CDI, CPIO, DEB, ENC, GCA, GZ, GZA, HA, IMG, ISO, JAR, LHA, LIB, LZH, MDF, MBF, MIM, NRG, PAK, PDI, PK3, RAR, RPM, TAR, TAZ, TBZ, TGZ, TZ, UUE, WAR, XPI, XXE, YZ1, Z, ZIP, ZOO. With a modern easy-to-use interface, IZArc provides support for most compressed and encoded files, as well as access to many powerful features and tools. It allows you to drag and drop files from and to Windows Explorer, create and extract archives directly in Windows Explorer, create multiple archives spanning disks, create self-extracting archives, repair damaged zip archives, convert from one archive type to another, view and write comments and many more. IZArc has also built-in multilanguage support.Starting Price: Free -
9
FileVoyager
FileVoyager
FileVoyager is a freeware Orthodox file manager (OFM) for Microsoft Windows. OFMs are file managers using two panels of disk browsers. This dual pane layout makes very easy the transfer operations of files or folders between sources and destinations. FileVoyager contains a large collection of tools and functionality. Browse disks, folders (real or virtual), shares, archives, and FTP/FTPS in one unified way. Browsing in various display modes (like a report or thumbnail modes) Usual file operations (rename, copy, move, link, delete, recycle) in the containers listed above and even between them. Pack and unpack ZIP, 7Zip, GZip, BZip2, XZ, Tar, and WIM formats (FileVoyager wraps 7-zip) Unpack ARJ, CAB, XAR, Z, RAR, LZH, LZMA, ISO, WIM and many others (FileVoyager wraps 7-zip) Play virtually any audio or video formats (FileVoyager relies at once on installed codecs, on WMP, and on VLC) Compare files or folders. Synchronize folders.Starting Price: Free -
10
Dropzone AI
Dropzone AI
Dropzone AI replicates the techniques of elite analysts and autonomously investigates every alert. Our specialized AI agent autonomously performs end-to-end investigations and will cover 100% of your alerts. Trained to replicate the investigation techniques of best-in-class SOC analysts, its reports are fast, detailed and accurate. You can also go deeper with its chatbot. Dropzone’s cybersecurity reasoning system, purpose-built on top of advanced LLMs, runs a full end-to-end investigation tailored for each alert. Its security pre-training, organizational context understanding and guardrails make it highly accurate. Dropzone then generates a full report, with the conclusion, executive summary, and full insights in plain English. You can also converse with its chatbot for ad-hoc inquiries.Starting Price: $36,000/year -
11
Keepnet Labs
Keepnet Labs
Keepnet’s extended human risk management platform empowers organizations to build a security culture with AI-driven phishing simulations, adaptive training, and automated phishing response, helping you eliminate employee-driven threats, insider risks, and social engineering across your organization and beyond. Keepnet continuously assesses human behaviors through AI-driven phishing simulations across email, SMS, voice, QR codes, MFA, and callback phishing to reduce human-driven cyber risks. Keepnet's adaptive training paths are tailored to individual risk levels, roles, and cognitive behaviors, ensuring that secure behaviors are embedded to continuously reduce human cyber risk. Keepnet empowers employees to report threats instantly. Using AI-driven analysis and automated phishing responses, security admins respond 168x faster. Detects employees who frequently click phishing links, mishandle data, or ignore security policies.Starting Price: $1 -
12
Kadabra
Kadabra
Kadabra is an AI-powered workflow automation platform that enables teams to convert plain-English descriptions of tasks into live pipelines in minutes. Users simply chat their goal, such as “when a new signup arrives, enrich the lead, add to Notion CRM, and ping Slack,” and Kadabra’s AI designs, tests, and deploys the automation. It connects natively to apps like Slack, Notion, Google Sheets, Gmail, and webhooks, presents the workflow on a visual canvas where users can review and approve each step, and supports both scheduled and event-triggered execution. Built-in monitoring, error-handling, and one-click deployment mean teams can scale automations without heavy engineering resources. With control surfaces that let users refine workflows, it retains transparency, and guardrails even as it accelerates automation across marketing, sales, operations, and product workflows.Starting Price: $9 per month -
13
Uptycs
Uptycs
Uptycs is the first unified CNAPP and XDR platform. Reduce risk by prioritizing responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates. With Uptycs, you can protect your entire enterprise, from laptops and servers to public and private cloud infrastructure. The platform streamlines your response to threats and offers a single UI and data model for easy management. Uptycs ties together threat activity as it traverses on-prem and cloud boundaries, delivering a more cohesive security posture. If you're looking for a powerful security solution that eliminates silos and tool sprawl, Uptycs is the answer. Looking for acronym coverage? We have you covered, including CNAPP, CWPP, CSPM, KSPM, CIEM, CDR, and XDR. Start with your Detection Cloud, Google-like search, and the attack surface coverage you need today. Be ready for what’s next. Shift up with Uptycs. -
14
SecurityHQ
SecurityHQ
SecurityHQ is a world leading independent Managed Security Service Provider (MSSP), that detects, and responds to threats, instantly. As your security partner, we alert and act on threats for you. Gain access to an army of analysts that work with you, as an extension of your team, 24/7, 365 days a year. Receive tailored advice and full visibility to ensure peace of mind, with our Global Security Operation Centres. Utilize our award-winning security solutions, knowledge, people, and process capabilities, to accelerate business and reduce risk and overall security costs. Most Popular Services: Managed Detection and Response (MDR) Endpoint Detection and Response (EDR) Managed Extended Detection and Response (XDR) Vulnerability Management Services Managed Firewall Digital Forensics & Incident Response Managed Network Detection and Response (NDR) Penetration Testing CISO as a Service -
15
Joe Sandbox
Joe Security
Tired of high level malware analysis? Perform one of the deepest analysis possible - fully automated or manual - from static to dynamic, from dynamic to hybrid, from hybrid to graph analysis. Rather than focus on one, use the best of multiple technologies including hybrid analysis, instrumentation, hooking, hardware virtualization, emulation and machine learning / AI. Check out our reports to see the difference. Deeply analyze URLs to detect phishing, drive by downloads, tech scam and more. Joe Sandbox uses an advanced AI based algorithm including template matching, perptual hashing, ORB feature detection and more to detect the malicious use of legit brands on websites. Add your own logos and templates to extend the detection capabilities. Interact with the sandbox through Live Interaction - directly from your browser. Click through complex phishing campains or malware installers. Test your software against backdoors, information leakage and exploits (SAST and DAST). -
16
SpiderFoot
SpiderFoot
No matter your use case, SpiderFoot will save you time by automating the collection and surfacing of interesting OSINT. Found a suspicious IP address or other indicators in your logs that you need to investigate? Maybe you want to dig deeper into the e-mail address used, or the links referenced in a recent phishing campaign your organization faced? With over 200 modules for data collection and analysis, you can be confident that with SpiderFoot you’ll be gaining the most comprehensive view into the Internet-facing attack surface of your organization. Red teams and penetration testers love SpiderFoot due to it’s broad OSINT reach and identification of low hanging fuit, revealing long-forgotten and unmanaged IT assets, exposed credentials, open cloud storage buckets and much more. Use SpiderFoot to continually monitor OSINT data sources and detect when new intelligence is discovered about your organization. -
17
Query Federated Search
Query
Query is a federated search platform delivering a single search bar to access all your security-relevant data, wherever it is stored. The Query Federated Search Platform unlocks access to and value from cybersecurity data wherever it is stored (in the cloud, third-party SaaS, or on-prem), regardless of vendor or technology, and without requiring centralization. This leads to massive cost savings, more efficient security operations across real-time and historical data sources, and reduced security analyst ramp-up time. -
18
BeyondTrust Cloud Privilege Broker
BeyondTrust
Cloud Privilege Broker gives your team the tools to visualize and manage entitlements across the multi-cloud infrastructure. Cloud-agnostic, centralized dashboard with key metrics. Continuous discovery of users, roles, policies, and endpoints across all supported cloud platforms. Granular policy recommendations across IaaS and PaaS platforms from a single interface. BeyondTrust Cloud Privilege Broker (CPB) is an entitlements and permissions management solution that enables customers to visualize and manage cloud access risk in hybrid and multi-cloud environments, all from a single interface. Each cloud service provider has its own access management tools, but they only manage their own environments and do not scale to cover others. This leaves teams to swivel from console to console, attempting to manage permissions separately for each cloud provider, with different ways to apply policy from one platform to the next. -
19
Symantec Network Forensics
Broadcom
Get complete security visibility, advanced network traffic analysis, and real-time threat detection with enriched, full-packet capture. Symantec Security Analytics, the award-winning Network Traffic Analysis (NTA) and forensics solution is now available on a new hardware platform that offers much higher storage density, deployment flexibility, greater scalability, and cost savings. This new model separates the hardware purchase from the software purchase, enabling you to adopt new enterprise licensing that lets you choose how to deploy the solution: on-premises, as a virtual appliance, or in the cloud. With this latest hardware innovation, you can achieve the same performance and greater storage capacity in up to half the rack space footprint. Security teams can deploy anywhere in their organization and expand or contract their deployment as needed, without having to change licenses. Reduced cost and easier adoption. -
20
Revelstoke
Revelstoke
Rock your SOC with the first universal, low-code, high-speed security automation platform with case management built in. Revelstoke uses a single, universal data model that normalizes input and output data to allow for fast integration of any security product, and it’s future-proof. Our UI is based on the Kanban-style workflow. Grab a card, drag it into place, drop it where you want, and boom, the automation works. You can track and monitor case actions, timeline information, and workflow actions, all from the case management dashboard. IR is at your fingertips. Measure and report on the business impact of security automation, prove the value of the investment and show what your team is worth. Revelstoke radically simplifies security orchestration, automation, and response (SOAR), so security teams can work faster, smarter, and more effectively. With a low-code, drag-and-drop interface, dozens of built-in integrations, and incredible visibility into performance metrics. -
21
Blink
Blink Ops
Blink is an ROI force multiplier for security teams and business leaders looking to quickly and easily secure a wide variety of use cases. Get full visibility and coverage of alerts across your organization and security stack. Utilize automated flows to reduce noise and false positives in alerts. Scan for attacks and proactively identify insider threats and vulnerabilities. Create automated workflows that add relevant context, streamline communications, and reduce MTTR. Take action on alerts and improve your cloud security posture with no-code automation and generative AI. Shift-left access requests, streamline approvals flows, and unblock developers while keeping your applications secure. Continuously monitor your application for SOC2, ISO, GDPR, or other compliance checks and enforce controls. -
22
Admin By Request
Admin By Request
With rapid provisioning of Just-In-Time privilege elevation across your entire workforce. On-board and manage workstations and servers via a user-friendly portal. To reveal risky users and assets through thread and behavioral analytics to identify malicious software and prevent data breaches and malware attacks. By elevating applications - not users. Delegate privileges based on the user or groups to save time and monetary resources. Whether a developer in the IT department, a tech newbie in HR, or a third-party consultant needing to service one of your endpoints, there's a method of elevation appropriate for every user. All features come out-of-the-box with Admin By Request and can be tailored to the needs of individual users or groups. -
23
SURF Security
SURF Security
Create a security air gap, reduce your attack surface and isolate your business from internal and external exploits, while streamlining SaaS apps and accessing your data. Grants access based on the identity of the users and their devices to any SaaS or on-prem apps. Isolated work environment from device and web threats locally on the endpoint, by encrypting, sandboxing and rendering content. Enforcing enterprise browser security policies like DLP, web filtering, phishing protection, extension management and more. SURF brings Zero-Trust principles to the user via the browser, protecting everyone and everything in the enterprise regardless of role. By configuring only a few policies, IT and security teams can significantly reduce the attack surface. Discover the benefits of utilizing SURF from an Information technology perspective. -
24
Mindflow
Mindflow
Embrace hyper-automation at scale with intuitive no-code & AI-generated flows. Access every tool you need through the most extensive integration library ever provided. Pick the service you want from the Integrations library and automate your way. Onboard and build your first workflows in minutes. Use pre-built templates if you need them, help yourself with the AI assistant, or benefit from the Mindflow excellence center. Type your input in plain-language text and let Mindflow do the rest. Generate workflows adapted to your tech stack from any input. Create AI-generated workflows to help you address any use case and reduce the building time to the minimum. Mindflow redefines enterprise automation, offering an extensive catalog of integrations. Add any new tool to our platform within minutes, breaking the barriers of traditional integration. Connect and orchestrate your tech stack, no matter the tools you use. -
25
Filigran
Filigran
Embrace a proactive approach with end-to-end cyber threat management, from anticipation to response. Tailored to elevate cybersecurity through comprehensive threat intelligence, advanced adversary simulation, and strategic cyber risk management solutions. Get a holistic view of your threat environment and improved decision-making for faster incident response. Organize your cyber threat intelligence knowledge to enhance and disseminate actionable insights. Access consolidated view of threat data from multiple sources. Transform raw data into actionable insights. Enhance sharing and actionable insights dissemination across teams and tools. Streamline incident response with powerful case management capabilities. Create dynamic attack scenarios, ensuring accurate, timely, and effective response during real-world incidents. Build both simple and intricate scenarios tailored to various industry needs. Improve team dynamics with instant feedback on responses. -
26
LimaCharlie
LimaCharlie
Whether you’re looking for endpoint security, an observability pipeline, detection and response rules, or other underlying security capabilities, LimaCharlie’s SecOps Cloud Platform helps you build a flexible and scalable security program that can evolve as fast as threat actors. LimaCharlie’s SecOps Cloud Platform provides you with comprehensive enterprise protection that brings together critical cybersecurity capabilities and eliminates integration challenges and security gaps for more effective protection against today’s threats. The SecOps Cloud Platform offers a unified platform where you can build customized solutions effortlessly. With open APIs, centralized telemetry, and automated detection and response mechanisms, it’s time cybersecurity moves into the modern era. -
27
Azure Marketplace
Microsoft
Azure Marketplace is a comprehensive online store that provides access to thousands of certified, ready-to-use software applications, services, and solutions from Microsoft and third-party vendors. It enables businesses to discover, purchase, and deploy software directly within the Azure cloud environment. The marketplace offers a wide range of products, including virtual machine images, AI and machine learning models, developer tools, security solutions, and industry-specific applications. With flexible pricing options like pay-as-you-go, free trials, and subscription models, Azure Marketplace simplifies the procurement process and centralizes billing through a single Azure invoice. It supports seamless integration with Azure services, enabling organizations to enhance their cloud infrastructure, streamline workflows, and accelerate digital transformation initiatives. -
28
Polarity
Polarity
Polarity is a free-floating overlay that automatically searches unlimited sources in parallel to speed up analysis by enriching every tool and workflow. It allows users to add and enrich any information so they and their entire team or organization can stay on the same page and avoid duplicate work. When a user makes an annotation on any data today, their teammate will see that note when they see the same data in the future. Polarity enables users to search once and know everything their enterprise knows about a piece of data, both internally and externally. What used to take 50 tabs and most of your time now takes just 1 tab and 2 seconds, so you can focus on getting the job done, not searching for context. Users can connect Polarity to over 200 different tools inside of their environment or to external open-source tools. With Polarity’s flexible integration framework, anyone can develop a custom integration quickly and get visibility to any dataset. -
29
7AI
7AI
7AI is an agentic security platform built to automate and accelerate the entire security operations lifecycle using specialized AI agents that investigate security alerts, form conclusions, and take action, turning processes that once took hours into minutes. Unlike traditional automation tools or AI copilots, 7AI deploys purpose-built, context-aware agents that are architecturally bounded to avoid hallucinations, and operate autonomously; they ingest alerts from existing security tools, enrich and correlate data across endpoints, cloud, identity, email, network, and more, and then produce full investigations with evidence, narrative summaries, cross-alert correlation, and audit trails. It offers a complete security stack: detection to triage alerts (filtering out noise and up to 95–99% of false positives), investigations (multi-system data-gathering and expert-level reasoning), and unified incident-case management (auto-populated cases, team collaboration, and handoffs). -
30
Chronicle SOAR
Chronicle
Employ playbooks for fast time-to-value and ease of scaling as you grow. Address common day-to-day challenges (phishing or ransomware) with ready to run use cases, complete with playbooks, simulated alerts and tutorials. Create playbooks that orchestrate hundreds of the tools you rely on with simple drag and drop. Plus, automate repetitive tasks to respond faster and free up time for higher value work. Maintain, optimize, troubleshoot, and iterate playbooks with lifecycle management capabilities including run analytics, reusable playbook blocks, version control, and rollback. Integrate threat intelligence at every step and visualize the most important contextual data for each threat – who did what, and when – and the relationships between all involved entities attached to an event, product, or source. Patented technology automatically groups contextually related alerts into a single threat-centric case, enabling a single analyst to efficiently investigate and respond to a threat. -
31
Conifers CognitiveSOC
Conifers
Conifers.ai's CognitiveSOC platform integrates with existing security operations center teams, tools, and portals to solve complex problems at scale with maximum accuracy and environmental awareness, acting as a force multiplier for your SOC. The platform uses adaptive learning, a deep understanding of institutional knowledge, and a telemetry pipeline to help SOC teams solve hard problems at scale. It seamlessly integrates with the ticketing systems and portals your SOC team already uses, so there's no need to alter workflows. The platform continuously ingests your institutional knowledge and shadows your analysts to fine-tune use cases. Using multi-tier coverage, complex incidents are analyzed, triaged, investigated, and resolved at scale, providing verdicts and contextual analysis based on your organization's policies and procedures, while keeping humans in the loop. -
32
ThreatConnect Threat Intelligence Platform
ThreatConnect
The ThreatConnect Threat Intelligence Platform (TIP) centralizes the aggregation and management of threat data. From one platform, users can normalize data from a variety of sources, add additional context, and automate manual threat intelligence-related security processes. ThreatConnect TIP provides a workbench to organize and prioritize threat data and use it to drive actions across a security team.
- Previous
- You're on page 1
- Next
