Integrations

Seamless Security Integrations

Connect isMalicious to your existing security stack

Native integrations with leading threat intelligence platforms. Enrich your security workflows with real-time threat data from 500+ sources.

Get Your API Key View Documentation

Native Integrations

500+

Threat Sources

Real-time

Enrichment

Free

Tier Available

Native Connectors

Ready-to-deploy integrations for popular security platforms

OpenCTI

Active

Internal enrichment connector for OpenCTI threat intelligence platform

IPv4, IPv6, and Domain enrichment
Risk score with threat labels
Geolocation and external references
Docker deployment ready

Get Started

Cortex / TheHive

Officialv3.6.8+

Official analyzer for Cortex SOAR and TheHive incident response

IP, domain, and FQDN analysis
Risk scoring with taxonomies
TheHive case enrichment
Official Cortex-Analyzers repo

Get Started View Release

IntelOwl

Coming Soon

Multi-source threat intelligence aggregation with isMalicious

Automated IOC enrichment
Multi-analyzer orchestration
API integration ready
Request early access

Notify Me

Build Your Own Integration

Use our comprehensive REST API to build custom integrations with any platform. SDKs available for Python, Node.js, Go, and more.

API Reference View SDKs

Integration Use Cases

How security teams leverage isMalicious integrations

SOC Alert Enrichment

Automatically enrich security alerts with threat context and risk scores for faster triage.

Automated Threat Hunting

Integrate threat intelligence into hunting workflows for proactive threat detection.

Incident Response

Accelerate investigations with instant IOC enrichment during incident response.

Custom Integrations

Build custom integrations using our comprehensive REST API and SDKs.

Frequently Asked Questions

Do I need a paid plan to use integrations?

No! All integrations work with our free tier. Paid plans offer higher rate limits and additional features like bulk enrichment and priority support.

How do I get an API key?

Sign up for a free account at ismalicious.com, navigate to your dashboard, and generate an API key. It takes less than a minute.

Is the Cortex analyzer officially supported?

Yes! Our Cortex analyzer is included in the official Cortex-Analyzers repository (v3.6.8+) maintained by TheHive Project. It is production-ready and maintained by the isMalicious team.

How do I deploy the OpenCTI connector?

The OpenCTI connector can be deployed via Docker using docker-compose or manually with Python. Full deployment instructions are available on the OpenCTI integration page.

Can I request a new integration?

Absolutely! Contact us with your integration request and we'll prioritize based on demand. We're actively working on IntelOwl support.

What data types are supported?

We support IPv4 addresses, IPv6 addresses, domain names, FQDNs, and URLs across all integrations. Each integration may have specific supported types documented on its detail page.

How fresh is the threat intelligence data?

Our threat intelligence is updated in real-time from 500+ sources. When you query an IOC through any integration, you get the latest available threat data.

Ready to Integrate?

Get started with isMalicious integrations in minutes. Free tier available for development and testing.

Get Your API Key Contact Sales