Which integrations are supported?
Holm Security integrates with a wide range of security and IT operations platforms to streamline vulnerability management and security operations. This article provides a comprehensive overview of all available integrations, organized by function, to help you choose the right tools for your security workflow.
Note: In addition to the ready-made integrations listed below, you can create custom integrations using the Holm Security Platform API to extend functionality beyond our standard offerings.
Remediation and ticketing
Integrate with ticketing and issue-tracking platforms to automatically create and manage remediation tickets for discovered vulnerabilities. This streamlines your vulnerability response process and ensures vulnerabilities are tracked and remediated consistently.
Available ticketing integrations
Jira - Create and update tickets in Jira Server, Jira Cloud, Jira Core, Jira Software, and Jira Service Desk. Automatically populate ticket fields with vulnerability details, assign owners, and track remediation progress directly in Jira.
ServiceNow - Generate incidents automatically in ServiceNow with complete vulnerability information. Synchronize ticket status between Security Center and ServiceNow to maintain alignment between your security and IT operations platforms.
TOPdesk - Automatically create tickets and keep ticket status synchronized with Security Center. Includes customizable field mapping to tailor integration to your incident management workflow.
Security Information and Event Management (SIEM)
Feed vulnerability data from Security Center into your SIEM platform to correlate security events, improve threat detection, and provide comprehensive visibility into your security posture. SIEM integration enables you to combine vulnerability insights with log and event data for better incident response.
Available SIEM integrations
IBM QRadar - Send vulnerability data to QRadar to correlate vulnerability intelligence with log and flow consolidation. Enables faster threat detection by combining assessment results with QRadar's advanced analytics.
Logpoint - Integrate vulnerability data with Logpoint for comprehensive security monitoring and threat detection across your environment.
Microsoft Sentinel - Send vulnerability findings to Microsoft Sentinel, Microsoft's cloud-native SIEM solution. Enables correlating vulnerability data with other security signals to improve incident detection and response.
Splunk - Use the Holm Security app to integrate vulnerability insights. Splunk can then correlate this data with other operational and security information for advanced analytics.
Notifications and communication
Receive instant notifications about scan results, vulnerability findings, and ticket updates directly in your communication and collaboration platforms. Keep your team informed in real time without requiring them to log in to Security Center.
Available notification integrations
Slack - Get instant notifications about scan completion, new vulnerabilities, and ticket status changes directly in Slack. Customize messages with vulnerability details and remediation guidance for quick response.
Microsoft Teams - Receive scan status and vulnerability notifications in your Teams workspace. Includes rich message formatting with vulnerability severity, affected assets, and recommended actions.
Webhooks - Create fully custom integrations for maximum flexibility. Send vulnerability data to any HTTP-compatible endpoint for integration with specialized tools or internal systems.
Single Sign-On (SSO)
Enable single sign-on for users to securely access Security Center using your existing identity provider infrastructure. This simplifies user management, improves security through centralized authentication, and reduces password management overhead.
Available SSO integrations
Azure Active Directory (Azure AD) - Authenticate users through Microsoft's cloud-based identity service. Supports both cloud-native and hybrid identity scenarios for organizations using Microsoft services.
Microsoft Active Directory Federation Services (ADFS) - Use federated identity management with ADFS for on-premise authentication. Allows organizations to maintain authentication within their own infrastructure while using Security Center.
Okta - Integrate with Okta's cloud SSO solution for secure user authentication. Okta manages identity verification and session management for Security Center access.
OneLogin - Authenticate users through OneLogin's unified access management platform. Provides centralized authentication and session management for Security Center access.
User management and synchronization
Automatically synchronize users from your identity provider to simplify user management and ensure consistent access control across systems. When users are added, removed, or have roles changed in your identity provider, those changes can automatically sync to Security Center.
Available user synchronization integrations
Azure Active Directory (Azure AD) - Sync users directly from Azure AD for Phishing Simulation & Awareness Training campaigns. Automatically provision and deprovision users based on your Azure AD organizational structure.
Privileged Access Management
Integrate with privileged access management (PAM) solutions to securely handle credentials used during security assessments. This ensures sensitive credentials are never exposed in logs or configurations while still being available for authenticated scans.
Available PAM integrations
BeyondTrust - Use BeyondTrust's Privileged Access Management to securely store and retrieve credentials during vulnerability assessments. Credentials are centrally managed by BeyondTrust and accessed securely during scan execution, thereby improving both security and compliance.
Integration summary table
The following table provides a quick reference for all available integrations, organized by use case:
| Category | Integration | Primary Use Case |
|---|---|---|
| Ticketing & Remediation | Jira | Issue tracking and ticket creation |
| Ticketing & Remediation | ServiceNow | Incident management and ticketing |
| Ticketing & Remediation | TOPdesk | Ticket creation and status sync |
| SIEM | IBM QRadar | Security event correlation |
| SIEM | Logpoint | Security monitoring and detection |
| SIEM | Microsoft Sentinel | Cloud-native SIEM integration |
| SIEM | Splunk | Security analytics and insights |
| Notifications | Slack | Team notifications and alerts |
| Notifications | Microsoft Teams | Team notifications and alerts |
| Notifications | Webhooks | Custom integrations |
| SSO | Azure AD | Cloud user authentication |
| SSO | ADFS | On-premise user authentication |
| SSO | Okta | Cloud SSO |
| SSO | OneLogin | Unified access management |
| User Sync | Azure AD | User provisioning and management |
| PAM | BeyondTrust | Secure credential management |
Choosing the right integrations for your organization
For vulnerability remediation: Use Jira, ServiceNow, or TOPdesk to automatically create and track remediation tickets. This ensures vulnerabilities are formally recorded and tracked through your incident management process.
For security operations: Integrate with your SIEM platform (QRadar, Splunk, Sentinel, or Logpoint) to correlate vulnerability data with other security events and improve threat detection capabilities.
For team communication: Connect Slack or Microsoft Teams to keep your security team informed about scan results and vulnerability findings in real-time, without requiring them to check Security Center manually.
For user management: Use SSO integrations (Azure AD, ADFS, Okta, OneLogin) to simplify user access control and ensure only authorized personnel can access Security Center.
For secure assessments: If you need to use credentials during authenticated scans, integrate with BeyondTrust to securely manage those credentials without exposing them in configurations or logs.
Integration support and customization
Platform API: Beyond the listed integrations, you can build custom integrations using the Holm Security Platform API. The API provides programmatic access to assessment data, vulnerability information, and other Security Center functionality.
API documentation: For technical details on building custom integrations, see the Platform API documentation.
Support: If you need help setting up an integration or have questions about integration capabilities, contact our customer support team.
For more information, please contact our customer support.