Ecosystem Benefits
  • Field-level Support
  • Marketing Resources
  • Technical Enablement
  • Dedicated Resource for Integrations

Quilt Ecosystem Partners

Cyphort’s technology partner program is a collaboration of more than 30 enterprise security vendors working together to create an open software fabric–in essence, a quilt–that can provide customers with more options, more integration, and more protection. Leveraging Cyphort’s open architecture, customers deploying the Anti-SIEM can ingest log and event data from many of these vendors, and often provide auto mitigation back to these tools to strengthen them against advanced threats in the future. The result is a completely integrated security architecture giving customers greater protection and value.

If you’re a prospective customer, a Cyphort sales representative can share more details on vendor relationships and integration options. If you’re a technology vendor who is not yet a Quilt member, please contact us to learn more
about a Quilt Ecosystem Partnership.

Quilt Partner Program Reviews-

“The integration we have with Cyphort has been simple and effective,” said Peter Doggart, VP of Business Development at Symantec. “We’re providing valuable information to the Anti-SIEM, and Cyphort provides valuable information back to our BlueCoat ProxySG appliances. In the end, it’s a huge security benefit for our joint customers.”

“The widely deployed joint solution from Cyphort and Carbon Black empowers customers with maximum visibility in their environments,” said Jim Raine, Carbon Black’s Director of Technology Alliances. “Now, as Cyphort delivers an innovative SIEM alternative, customers can correlate detections from multiple sources, empowering response teams to pinpoint what needs immediate attention.”

“Through our integration with Cyphort’s Anti-SIEM and its threat detection technology, we can automatically isolate endpoint devices known to be compromised, restricting their access and movement,” said Frank Andrus, CTO at Bradford Networks. “The joint solution brings visibility and automated policy-based control to every device that is on the network, whether the device is a guest’s laptop or an IoT device such as a security camera.”

  • SIEM
  • Network
  • Endpoint
  • NAC & CASB
  • Infrastructure


Cyphort partners with Splunk to provide detection alerts via an Anti-SIEM app which speaks natively to Splunk. The app, available in the Splunk store, ensures alerts are correctly aligned for maximum efficiency when using Splunk for correlation. The app can feed alerts into the Ant-SIEM's SmartCore analytics engine to correlate detections from other security tools. Correlation from many different data sources significantly raises the fidelity of the detections and can reduce false-positives allowing customers to make quick decisions about remediation efforts.


Cyphort partners with IBM to provide high-fidelity alerts for QRadar to enhance detections and remediation priority. Customers can check alerts from the Anti-SIEM’s SmartCore analytics engine in addition to other security devices. SmartCore has customized alerts to work with the IBM® Security QRadar® event format. SmartCore can send syslogs to QRadar via native Log Event Extended Format (LEEF). Native support for LEEF ensures all data is correctly formatted. Also, SmartCore can query QRadar to ensure detections correlate across security devices. The combination of the Anti-SIEM SmartCore analytics engine and QRadar create high-fidelity detections that result in lower false-positive alerts.


The Symantec SSL Visibility Appliance provides decrypted content and integrates with the Anti-SIEM. The joint solution allows enterprises to easily add SSL visibility and inspection capability, along with category-based inspection policies to their existing network security infrastructure.

Juniper Networks

Customers can automatically publish threat containment data from Cyphort's Anti-SIEM SmartCore analytics engine directly to Juniper Networks' SRX firewalls. Customers can create a Dynamic Address Group on their SRX appliances and use that to obtain containment IP addresses from SmartCore.

Palo Alto Networks

The PAN Next-Generation Firewall integrates with the Anti-SIEM’s SmartCore analytics engine. Through open APIs, SmartCore pushes zero-day threat intelligence to PAN’s Next-Generation Firewall as well as automatically pushes the information needed to block malicious IP’s, URL’s, and CnC calls. The Anti-SIEM SmartCore analytics engine can be deployed on-premises to eliminate concerns about cloud-based detection technologies.


Uses broad and deep visibility across physical, virtual, and cloud network traffic flows. This integration augments the Anti-SIEM's ability to detect and respond to advanced threats. The GigaSECURE platform de-duplicates and filters traffic gathered from multiple collection points and distributes traffic to the Anti-SIEM SmartCore analytics engine.


The Cisco ASA Firewall integrates with the Anti-SIEM’s SmartCore analytics engine. Through open APIs, SmartCore pushes zero-day threat intelligence to ASA as well as automatically pushes the information to block malicious IP’s, URL’s, and CnC calls. The SmartCore analytics engine can be deployed on-premises to eliminate concerns about cloud-based detection technologies.


The FortiGate Next-Generation Firewall integrates with the Anti-SIEM’s SmartCore analytics engine. Through open APIs, SmartCore pushes zero-day threat intelligence to the FortiGate firewall as well as automatically pushes the information to block malicious IP’s, URL’s, and CnC calls. The SmartCore analytics engine can be deployed on-premises to eliminate concerns about cloud-based detection technologies.

Check Point

The Check Point Next-Generation Firewall integrates with the Anti-SIEM’s SmartCore analytics engine. Through open APIs, SmartCore pushes zero-day threat intelligence to Check Point’s NGFW as well as automatically pushes the information to block malicious IP’s, URL’s, and CnC calls. The SmartCore analytics engine can be deployed on-premises to eliminate concerns about cloud-based detection technologies.


Cyphort's Anti-SIEM SmartCore analytics engine and CrowdStrike's Falcon Host will enable you to see whether a malicious file was executed, where it sits in the kill chain, and if it has moved laterally. Integration will provide all crucial steps in the detection-to-remediation workflow.

Carbon Black

Carbon Black technology seamlessly integrates with Cyphort’s Anti-SIEM SmartCore analytics engine, enabling bi-directional sharing of threat data. As Cyphort detects malware on the network, Carbon Black Response can determine where the detected malware landed,

Bradford Networks

Cyphort and Bradford Networks have partnered to automate the complex threat triage and response process to reduce threat containment time following a cyber breach. Bradford Networks’ Network Sentry leverages its unique Live Inventory of Network Connections (LINC) to enhance delity of security events from Cyphort by correlating device, user, application and connections information to the compromised endpoint.

Skyhigh Networks

Using Skyhigh and Cyphort's Anti-SIEM, companies can examine data in existing cloud deployments for malware and other policy violations. This joint solution can inspect files for malware that are uploaded and downloaded by employees from cloud services such as Box and Office 365.


Cyphort’s partnership with Riverbed is unique and demonstrates how security and network optimization can work together. Customers can leverage Riverbed's Steelhead appliance to deploy the Anti-SIEM's Adaptive Detection Fabric (ADF) web, email, and lateral spread collectors. This eliminates the need for additional hardware at the gateway. The Anti-SIEM and Riverbed run on VSphere. The ADF’s collectors are deployed virtually allowing their quick roll out from a central location.

ADF Video

Frank Jas, Chief Architect on New ADF Capabilities

Frank Jas, Cyphort's Chief Architect, explains how the latest release of ADF adds three crucial enhancements that further strengthen protection against advanced threats, and significantly helps to improve the productivity of security analysts and incident response teams.


Cyphort Company Brief

This brief summarizeswho we are including company highlights, industry awards, introduction to our Quilt security ecosystem partners, solution summary, and the list of our venture partners.

Case Study

Jacksonville University Chose Cyphort for its Strong APT Detection Capabilities

This case study highlights the main drivers of why Jacksonville University chose Cyphort to safeguard their organization.

How Anti-SIEM’s Adaptive Detection Fabric Significantly Improved Crawford & Co. Insurance Company’s Incident Response

This case study will go over the key features and functionalities of Cyphort that Crawford & Co. surveyed before ultimately selecting the Adaptive Detection Fabric for their organization.

Large Enterprise Aerospace & Defense Company Chose Cyphort Because of It’s Flexible Deployment

This case study of a large enterprise aerospace & defense company is based on a December 2016 survey of Cyphort customers by TechValidate, a 3rd-party research service. One of the main purchasing drivers was Cyphort's ability to deploy across multiple sites and manage as a single system.

Large Enterprise Food Company Chooses Cyphort for Strong Detection of Advanced Threats

This case study of a large enterprise food company is based on a December 2016 survey of Cyphort customers by TechValidate, a 3rd-party research service. This case study addresses the security challenges the business faces and how Cyphort addresses it. It also discusses some of the key benefits after deploying Cyphort.

Financial Services Provider Deploys Anti-SIEM’s Powerful Adaptive Detection Fabric to Protect Customer Financial Data

This customer is a successful financial services company using innovative technology to change the way consumers and businesses obtain credit. Since their beginning, they have facilitated billions of dollars of loans. Because of their success, they faced two challenges. Both were equally important: protect itself and protect its customers’ banking information from cyber criminals.

Online Storage Provider Relies on Anti-SIEMS’s Adaptive Detection Fabric for Security

Enterprises now face another threat vector: file-sharing services. This type of collaboration and sharing service demonstrates the possibility that attackers can bypass an organization’s prevention infrastructure entirely. This leading online file sharing and content management service provider put enterprise customers’ minds at ease by analyzing files for advanced malware before delivering them.

Healthcare Organization Deploys Anti-SIEM’s Powerful Adaptive Detection Fabric to Stop Threats and Protect Patient Data

Malware attacks had become a sizable problem. The hospital IT security team needed visibility into the malware and attack vectors before a breach compromised the hospital or possibly threaten someone’s life.

Fortune 500 With Cloud Infrastructure Lowers APT Risk and Contains Costs

The customer concluded a new security solution was required. What drove the need to change? Their intellectual property (IP) and customer privacy. IP is the lifeblood of their business and protecting it, along with their customers’ credit card and privacy information, was what they had to do at all costs.

Customer Video

How Crawford & Company Uses Anti-SIEM to Boost IR Effectiveness and Lower Costs

Listen in as Director Global SOC, Vladislav Ryaboy, explains why Crawford and Company, the world's largest independent claims management company, chose Cyphort's Anti-SIEM to protect their business.

Barry University Uses Anti-SIEM to Automate IR Processes and Lower Alerts

Cyphort sits down with Barry University CTO, Dr. Hernan Londono, to discuss the cybersecurity challenges the university faces and why they chose Cyphort's Anti-SIEM to protect the university.

Tribune Media Testimonial

Hear the SVP & CIO of Tribune Media describe why he chose Cyphort, and the benefits his organization has expierenced.

Modell’s Sporting Goods

Hear directly from Modell’s CIO as he describes the unique value Cyphort offers to protect his organization and his excitement about working with the Cyphort technical team.

Barry University Testimonial

Listen to the technical leader at Barry University as he describes the University’s security challenges and how he implemented Cyphort to safeguard the organization.

Data Sheet

The Anti-SIEM Solution

The Anti-SIEM solution combines Advanced Threat Detection, Advanced Threat Analytics, and One-Touch Threat Mitigation into a distributed software platform centrally managed through an intuitive UI. The Anti-SIEM addresses two critical requirements facing today’s security teams: Productivity-reduce the noise and wasted time of too many alerts. Security-get visibility into advanced threats and the actionable intelligence need for quick mitigation.

Anti-SIEM’s Advanced Threat Analytics (ATA)

This data sheet focuses on the capabilities of Cyphort’s Advanced Threat Analytics (ATA)—the behavior analysis and machine learning layer that enables Anti-SIEM users to excel at interactive investigations.

Anti-SIEM’s One-Touch Threat Mitigation

This document, focuses on mitigation capabilities-the layer that enables Anti-SIEM users to effectively mitigate threats in their environment.

Anti-SIEM’s Adaptive Detection Fabric (ADF)

Every enterprise security architecture begins with a strong first line of defense. As effective as firewalls, secure web gateways, and intrusion prevention systems are, none can block 100% of advanced threats and exposing your organizationto a security gap. Understand how the Anti-SIEM's ADF is designed to close this security gap and protect your network.

Global Security Services (GSS)

GSS is a service offered by the Cyphort Labs team. The service works in conjunction with Anti-SIEM. It includes visibility into advanced threats that are early in their life cycle, provides updates to machine learning models about unseen threats, and risk categorization and prioritization analysis to ensure fast containment and mitigation.


Podcast: Barry University

Customer Interview.

Cyphort's CMO, Franklyn Jones, sits down with Barry University's CTO, Dr. Hernan Londono. Dr. Londono discusses the University's security challenges, and how he implemented Cyphort to safeguard the organization.

Research Report

Osterman: Complexities of SIEMs and Their Impact on IR Processes

This report is an in-depth survey of IT security managers in large organizations. The report outlines how organizations process security incidents, the problems they encounter in doing so, the satisfaction they have with their currently deployed SIEMs, and how they would like to address cyber security issues moving forward.

Ponemon: The Challenges to Achieving SIEM Optimization

This informative research report details the results from a survey of 600 SIEM users from large enterprises across the U.S. to better understand their attitudes and issues with their currently deployed SIEM solutions.

The Forrester Wave: Automated Malware Analysis

This report researches, analyzes and scores automated malware analysis vendors using 36 evaluation criteria to identify the top providers. Forrester identified Cyphort as a leader in security architecture tools and technology.

Ponemon: The State of Malware Detection and Prevention

This informative research report details the results from a survey of 600 IT practitioners who are responsible for directing cybersecurity activities or investments within their organization. The findings illuminate the reasons why companies are struggling to create an effective security strategy to prevent and detect malware and advanced threats.

Solution Brief

Improving Effectiveness of Incident Response

This document offers a look into the operational aspects of IR, analyzes the strengths and weaknesses of current IR practices, and highlights solutions that can both increase security analyst productivity and significantly strengthen an organization’s overall security preparedness.

SmartCore Overview

This brief shows how the Anti-SIEM, and specifically its SmartCore analytics engine, helps close the critical security gap exploited by cyber attackers. It offers a detailed look into how the unique combination of data correlation, behavioral analysis, and machine learning enables customers to establish persistent safeguards against attacks.

APIs: Security Intelligence Integrated Into Existing Workflows and Systems

Dive into the technical details about how the Cyphort Anti-SIEM's APIs deliver advanced security information to enhance internal SOC, IR, and SIEM systems as well as integrate with existing in-line prevention systems.

Why Your Organization Needs to Leverage the Cyber Kill Chain

The Cyber Kill Chain (CKC) model has become a useful tool for security operations teams to get visibility into how far a threat has progressed. Cyphort’s SmartCore analytics engine is engineered to show you exactly how the threat has progressed through each step of the CKC giving you a complete threat profile, incident response priority, and clear mitigation actions.

Use Case

Use Case-Distributed Enterprise (Web)

This use case looks at how Anti-SIEM's Adaptive Detection Fabric can protect distributed organizations against evasive advanced attacks that bypass their first line of defense. It gives customers an understanding of the problem, solution, and benefits to having strong security across web, email and lateral spread traffic.

Use Case- Email Threat Protection

This use case shows customers who are leveraging cloud-based and on-premises email how it can be secured using Anti-SIEM's ADF. It gives customers an understanding of the problem, solution, and benefits of ADF’s detection for cloud-based and on-premises email applications.


Franklyn Jones Infosecurity 2017 Interview Explaining Anti-SIEM

Franklyn explains the Anti-SIEM and how companies can best protect themselves from cyberattacks.

WannaCry BBC News Channel Interview With Nick Bilogorskiy

Listen to Cyphort's Nick Bilogorskiy discuss what to expect from the WannaCry Ransomware threat.

Threat Incident Timeline View

This demo highlights the benefits of ingesting third-party data through the Anti-SIEM open architecture and how the data maps to a timeline view for visibility into specific incidents.

Third Party Data Ingestion and Incident View

This demo highlights the benefits of ingesting third-party data through the Anti-SIEM open architecture providing incident responders with the ability to evaluate the severity of a specific incident and what to do to quickly mitigate and stop an attack.

Timeline View and Dashboard Incident Analysis

This demo highlights the capabilities of third-party integration and the benefits of a complete timeline view and dashboard analysis to help IR prioritize actions for a specific incident.

How an Open API Architecture Correlates Incidents

This demo highlights the capabilities of integration with third-party data feeds to map and correlate a timeline view and provide the detailed information and prioritization for specific incidents to efficiently mitigate the incident.

Introduction to the Anti-SIEM

Cyphort delivers the Anti-SIEM, an innovative security analytics and advanced threat defense platform that addresses time, cost, and complexity challenges associated with traditional SIEMs. The Anti-SIEM works with or without an existing SIEM to reduce noise, improve productivity, and accelerate response.

White Paper

Ransomware Tactics and Detection Techniques

Ransomware is one of the most pervasive and destructive threats that organizations and individuals face today. This white paper delves into its threat vectors and encryption processes. It reveals how Cyphort's Anti-SIEM SmartCore analytics engine stops ransomware and offers specific use case examples of eliminating this threat.

The Benefits of Machine Learning

Advanced Persistent Threats (APTs) have evolved in sophistication by enhancing their ability to obfuscate their behavior to evade detection tools. Machine learning has come into its own as a useful tool to identify this new breed of APTs by using more agile practices which allow a detection system to respond more rapidly to changes in tactics by cybercriminals.

Combating Malvertising and Drive-By Downloads

Hacking has transformed into a commercial enterprise that bad actors use to enrich themselves. Sophisticated malware is available for purchase on the dark net. Spear-phishing attacks target specific individuals and enterprises. APTs can lay dormant for months waiting for the right opportunity to strike. The need has never been greater for an advanced threat defense solution to protect intellectual property and customer data.

Certification Report

ICSA Labs Anti-SIEM Certification Report

ICSA Labs, a division of Verizon, provides testing and certification of security products to measure product compliance, performance, and reliability. Cyphort commissioned ICSA to evaluate our Anti-SIEM to independently validate its core architecture. Malware test data was sourced from ICSA’s own spam honeypots, the Internet, and known malicious URLs. 95.6% of samples were unmodified, original malware. Threat vectors included direct install, email attachments, Web drive-by and downloads, email links, downloads by malware, and network propagation.


Current partners can login here:

Not a partner yet? Sign up here: