
Integrations and Collaboration

Access Cloud Optix features programmatically via a REST API and integrate seamlessly with third-party services such as SIEM and DevOps tools to streamline security operations and improve collaboration.

Security Operations

Splunk

 

Integrate Cloud Optix with your Splunk SIEM system to receive instant notification of security events and improve visibility for security operations teams.

Azure Sentinel (SIEM)

 

Send cloud security events detected by Cloud Optix into Azure Sentinel workspaces and customize the alert levels sent (Critical, High, Medium, and Low).

PagerDuty

 

Send cloud security events detected by Cloud Optix into PagerDuty and customize the alert levels sent (Critical, High, Medium, and Low).

Slack

 

Raise instant alerts to a chosen Slack channel for security events detected by Cloud Optix.

Microsoft Teams

 

Raise instant alerts to a chosen team for security events detected by Cloud Optix.

Amazon SNS

 

Raise instant alerts to a chosen Amazon Simple Notification Service (SNS) topic for security events detected by Cloud Optix.

Amazon Inspector

 

Filter the Cloud Optix AWS Host Inventory to quickly identify EC2 instances that have Amazon Inspector findings. The Network Topology CVE filter highlights EC2 instances with CVEs discovered by Amazon Inspector, based on severity.

AWS Systems Manager

 

Receive patch status for EC2 Instances in the Cloud Optix console when AWS Systems Manager is enabled in the EC2 management console.

CI/CD and DevOps Tools

Sophos IaC REST API

 

The Cloud Optix REST API allows teams to scan Infrastructure-as-Code templates at any stage of development (even before upload to source control), regardless of which code repository is being used, e.g. GitLab.

GitHub

 

Automatically scan Infrastructure-as-Code templates in GitHub repositories and detect misconfigurations, embedded secrets, passwords, and keys before they make it into production. Cloud Optix checks Terraform, AWS CloudFormation, Ansible, Kubernetes, and Azure Resource Manager (ARM) template files.

Bitbucket

 

Automatically scan Infrastructure-as-Code templates in Bitbucket repositories and detect misconfigurations, embedded secrets, passwords, and keys before they make it into production. Cloud Optix checks Terraform, AWS CloudFormation, Ansible, Kubernetes, and Azure Resource Manager (ARM) template files.

Jenkins

 

Empower DevOps teams to remediate configuration issues, embedded secrets, passwords, and keys before deployment to production by raising alerts via API directly in the Jenkins build pipeline.


Ticketing

Jira

 

Allow your teams to embed cloud security and compliance response into standard workflows by creating Jira tickets from inside the Cloud Optix console for new Sophos Cloud Optix alerts. Two-way integration avoids duplication by ensuring existing tickets for the same issue type are updated if present before a new ticket is created.

 

ServiceNow

 

Improve response times by creating ServiceNow tickets for cloud security events directly inside the Cloud Optix console. Two-way integration ensures existing tickets for the same issue type are updated if present before a new ticket is created.

 


Cloud Security Posture Management API

Ingest data from Cloud Optix to continuously monitor AWS, Azure, and Google Cloud environments for threats and unusual behavior.

The REST API enables security operations teams to correlate data and understand the root cause of a security finding, as well as the resources affected, to provide the context needed to understand if activities are malicious.