Skip to content

Palo Alto Networks integrations

DomainTools provides integrations with Palo Alto Networks security platforms to enhance threat intelligence and incident response capabilities.

Available integrations

Cortex XSIAM

The DomainTools Iris Investigate integration for Cortex XSIAM provides automated infrastructure characterization and threat hunting capabilities. You gain access to domain profile, web crawl, SSL, and infrastructure data from within Cortex XSIAM.

Cortex XSIAM integration guide

Cortex XSOAR

The DomainTools Iris App for Cortex XSOAR (formerly Demisto) brings contextual DNS intelligence to your security orchestration platform. You can leverage the app to automate enrichment of malicious observables within incidents and create custom workflows.

Cortex XSOAR integration guide

Key capabilities

Both integrations provide:

  • Domain profile and risk scoring
  • Infrastructure pivoting and analysis
  • Automated workflows for incident response
  • Access to DomainTools Iris Investigate API
  • SSL certificate and DNS data enrichment

Before you begin

Each integration requires:

  • Active Palo Alto Networks platform subscription
  • DomainTools Iris Investigate API credentials
  • Installation from respective marketplaces

For detailed setup instructions and configuration parameters, see the individual integration guides.