Who is this for? MSP/MSSP Partners, Security Engineers
Multi-Platform Security Operations
Service providers often manage customers with diverse security technology stacks. This expansion allows you to:- Consolidate operations — Manage incidents from multiple platforms in one place
- Apply consistent workflows — Use Gamebooks across all supported platforms
- Scale efficiently — Same operational model regardless of underlying technology
New Platform Integrations
Splunk Enterprise Security
- Ingest notable events from Splunk ES
- Correlate Splunk data with other security sources
- Execute response actions through Splunk’s SOAR capabilities
CrowdStrike Falcon XDR
- Receive detections from Falcon platform
- Leverage Falcon’s endpoint response actions
- Integrate with existing Falcon deployments
IBM QRadar SIEM
- Pull offenses from QRadar
- Enrich with QRadar’s event context
- Coordinate response across hybrid environments
Why This Matters
Many MSPs and MSSPs support customers with non-Microsoft security stacks. With this expansion:- No more portal pivoting — Work from a single interface
- Consistent service delivery — Same quality of service regardless of platform
- Flexible customer support — Onboard customers without forcing technology changes
Microsoft Remains Core
While we’re expanding platform support, Microsoft Sentinel and Defender XDR remain our core focus:- Deepest integration with Microsoft security stack
- Full Security Delivery Agent support
- CMS for detection content management
Quick Summary
- ContraForce now supports Splunk Enterprise Security, CrowdStrike Falcon XDR, and IBM QRadar SIEM.
- Consolidate incidents from multiple security platforms into a single operational interface.
- Apply consistent Gamebook workflows regardless of underlying technology.
- Microsoft Sentinel and Defender XDR remain the core focus with the deepest integration.
Microsoft Sentinel Module
Connect Microsoft Sentinel
Defender XDR Module
Deploy Defender XDR integration
Questions? Contact us at [email protected].