Find A Technology Partner
Leverage the Power of Partnerships
Increase operational efficiency and effectiveness by leveraging ForeScout integrations with your existing security and management solutions to create a more intelligent, cohesive security system. The ForeScout platform integrated with our partners’ solutions bridges security gaps to reduce your attack surface, accelerate risk detection and automate incident response.
Strategic Alliances
Click the logos below to learn how we work with these leading technology partners:
Integration Type
SIEM
The ForeScout Extended Module for Splunk® provides bi-directional communication with Splunk Enterprise and Splunk Enterprise Security. It combines ForeScout’s endpoint visibility, access control, and automated response capabilities with Splunk’s powerful correlation, analysis, and search features. This enables security teams to gain a better understanding of their overall security risk posture so they can more quickly respond to and mitigate a range of security issues.
Integration Type
ATD, NGFW
The alliance combines the real-time endpoint visibility, profiling and remediation capabilities of ForeScout CounterACT® with multiple Palo Alto Networks® products to limit data breaches, detect advanced threats and take automated remediation actions. Joint capabilities are made possible through the following Extended Modules that enable threat intelligence sharing:
ForeScout Extended Module for Palo Alto Networks WildFire: ForeScout CounterACT® and Palo Alto Networks WildFire™ work together to leverage the best-of-breed capabilities of each solution. CounterACT provides the unique ability to see and control devices, including non-traditional devices, the instant they connect to the network. WildFire leverages a malware analysis environment to identify new and unknown malware and exploits on the network. With the ForeScout Extended Module for Palo Alto Networks WildFire, the combined solution improves visibility and real-time intelligence, detects advanced threats and zero-day malware, provides a rapid response to compromised endpoints and automates response to identified threats.
ForeScout Extended Module for Palo Alto Networks Next-Generation Firewall: The ForeScout Extended Module for Palo Alto Networks Next-Generation Firewall allows ForeScout to exchange rich visibility and contextual information about users and devices with Palo Alto Networks Next-Generation Firewall. This enables Next-Generation Firewall to better segment resources on a need-to-know basis, assign appropriate access regardless of location and create granular access policies based on user and device context. As a result organizations can reduce their overall attack surface, prevent unauthorized access to sensitive resources and minimize malware proliferation and data breaches.
Integration Type
Cloud, EMM
ForeScout CounterACT® includes base module integrations with the VMware® vSphere Suite and NSX platforms to provide unified, cross-platform endpoint visibility, assessment and automated policy-based enforcement across your virtual and physical infrastructure. ForeScout also offers the ForeScout Mobile Integration Module that provides bi-directional communication and information sharing with VMware AirWatch® enabling automated real-time detection of mobile devices, seamless enrollment and installation of AirWatch agents.
ForeScout CounterACT and VMware integrations enable you to optimize resource utilization, streamline compliance and reduce risk by providing comprehensive visibility and policy-driven controls across your campus, mobile, data center and cloud devices.
Integration Type
ForeScout and CrowdStrike have partnered to strengthen endpoint defenses and proactively combat threats network-wide. The ForeScout® Extended Module for CrowdStrike® combines the real-time device visibility and control capabilities of ForeScout CounterACT® with the threat intelligence and advanced endpoint protection of the CrowdStrike Falcon platform. The joint solution allows you to proactively combat threats across both CrowdStrike-managed and unmanaged endpoints, and orchestrate workflows to isolate and remediate compromised devices. This enables you to accelerate threat response, limit malware propagation and reduce business impact.
Integration Type
ITSM
The ForeScout Extended Module for ServiceNow® leverages CounterACT’s real-time visibility and provides up-to-date device properties, classification, configuration and network context to ServiceNow. This enables you to get a current view of networked assets, track their movement and remediate or retire these assets as required. As a result, you can make informed decisions by leveraging an accurate single-source-of-truth asset repository, avoid manual, time-consuming and error-prone processes and optimize IT governance and service operations.
Integration Type
PAM
The ForeScout Extended Module for CyberArk® leverages CounterACT’s real-time agentless visibility to discover and classify devices, assess their security posture and gather intelligence about local privileged accounts. This enables you to get a current view of networked devices with privileged accounts, true-up your CyberArk account inventory and take precise, policy-based actions to allow or limit network access. As a result, you can more effectively manage privileged accounts and reduce your overall attack surface.
Integration Type
ATD, EDR
This alliance combines the dynamic endpoint visibility, profiling, access control and remediation capabilities of ForeScout CounterACT® with several FireEye® products to provide security against zero-day threats and produce indicators of compromise (IOCs) to help ensure that threats are remediated before the endpoint is allowed on the network. Joint capabilities are made possible through the following Extended Modules that enable threat intelligence sharing:
ForeScout Extended Module for FireEye HX: FireEye HX detects malicious endpoints with advanced threats and IOCs. ForeScout CounterACT isolates the malicious endpoints to stop lateral propagation of threats. CounterACT also stores and leverages IOC information from FireEye to scan endpoints that are attempting to connect or are already connected to the network for the presence of infections.
ForeScout Extended Module for FireEye EX: FireEye EX scans for phishing emails as well as malicious software attachments. If a threat is detected, FireEye EX prevents it from entering the network. After analysis, FireEye produces IOCs and shares the threat intelligence with CounterACT and the FireEye Threat Prevention Platform. Shared threat intelligence allows FireEye EX to scan for known vulnerabilities within arriving email. It also allows CounterACT to identify existing threats on endpoints as they connect to the network and take the appropriate actions based on corporate policies.
ForeScout Extended Module for FireEye NX: FireEye NX uses sandboxing techniques to identify zero-day threats and informs CounterACT® about infected devices and IOC threat severity. CounterACT uses this information to enforce policy-based actions, including isolating devices, initiating remediation actions and scanning other devices to minimize threat propagation. CounterACT stores the latest IOC information in its database, scans devices attempting to connect to the network and performs remediation actions before the endpoint attempts an outbound call.
Integration Type
CMT, EMM, SIEM
ForeScout has partnered with IBM® to deliver unique and powerful solutions for continuous monitoring and mitigation of enterprise risk and compliance gaps. With these joint solutions, you can achieve a more accurate real-time understanding of your device landscape and security posture, help enforce compliance on traditional and mobile devices, automatically mitigate endpoint risks and get more comprehensive compliance reports. The joint solutions combine ForeScout CounterACT with IBM BigFix®, IBM QRadar® and IBM MaaS360® via ForeScout Extended Modules.
Tripwire IP360 is an enterprise-class Vulnerability Management solution designed for large, complex network environments. The, The Tripwire IP360 Plugin for ForeScout, which is an extension of Tripwire IP360, leverages the ForeScout Open Integration Module (OIM) and ForeScout CounterACT to create a bi-directional integration of orchestrated information sharing and workflows. ForeScout detects endpoints the moment they connect to the network and informs Tripwire IP360. Policies can be set to automatically trigger an IP360 scan upon connection or allow operations to initiate a scan based on certain network activity. ForeScout policies monitor, manage, restrict and remediate endpoints based on Tripwire IP360 scan results.
Extended Modules
Extended Modules are ForeScout engineered and supported integrations that expand ForeScout’s see and control capabilities with leading security/management solutions. ForeScout Extended Modules enable contextual information sharing and orchestrate workflows to automate policy enforcement across previously siloed IT processes and accelerate system-wide response to more rapidly mitigate and remediate risks. Click on a logo to learn more.
Integration Type
EMM
AirWatch by VMware is the leader in enterprise mobility management (EMM). We enable end users with a seamless digital workspace, and empower IT with a future-proof mobility platform that provides flexibility to manage multiple use cases, unified management of endpoints, end-to-end security, and seamless integration across enterprise systems.
Integration Type
ForeScout and Carbon Black have partnered to fortify endpoint defenses and proactively combat threats across enterprise networks. The ForeScout Extended Module for Carbon Black combines ForeScout’s agentless visibility capabilities with the advanced endpoint protection of Carbon Black, offering intelligence from Carbon Black for Indicators of Compromise (IoCs) threat hunting and ForeScout’s automated remediation and threat response.
Integration Type
ATD, NGFW
According to Check Point, Check Point Software Technologies Ltd., is the largest network cyber security vendor globally, providing industry-leading solutions and protecting customers from cyberattacks with an unmatched catch rate of malware and other types of threats. Check Point offers a complete security architecture defending enterprises – from networks to mobile devices – in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes.
Integration Type
ForeScout and CrowdStrike have partnered to strengthen endpoint defenses and proactively combat threats network-wide. The ForeScout® Extended Module for CrowdStrike® combines the real-time device visibility and control capabilities of ForeScout CounterACT® with the threat intelligence and advanced endpoint protection of the CrowdStrike Falcon platform. The joint solution allows you to proactively combat threats across both CrowdStrike-managed and unmanaged endpoints, and orchestrate workflows to isolate and remediate compromised devices. This enables you to accelerate threat response, limit malware propagation and reduce business impact.
Integration Type
PAM
The ForeScout Extended Module for CyberArk® leverages CounterACT’s real-time agentless visibility to discover and classify devices, assess their security posture and gather intelligence about local privileged accounts. This enables you to get a current view of networked devices with privileged accounts, true-up your CyberArk account inventory and take precise, policy-based actions to allow or limit network access. As a result, you can more effectively manage privileged accounts and reduce your overall attack surface.
Integration Type
ATD, EDR
This alliance combines the dynamic endpoint visibility, profiling, access control and remediation capabilities of ForeScout CounterACT® with several FireEye® products to provide security against zero-day threats and produce indicators of compromise (IOCs) to help ensure that threats are remediated before the endpoint is allowed on the network. Joint capabilities are made possible through the following Extended Modules that enable threat intelligence sharing:
ForeScout Extended Module for FireEye HX: FireEye HX detects malicious endpoints with advanced threats and IOCs. ForeScout CounterACT isolates the malicious endpoints to stop lateral propagation of threats. CounterACT also stores and leverages IOC information from FireEye to scan endpoints that are attempting to connect or are already connected to the network for the presence of infections.
ForeScout Extended Module for FireEye EX: FireEye EX scans for phishing emails as well as malicious software attachments. If a threat is detected, FireEye EX prevents it from entering the network. After analysis, FireEye produces IOCs and shares the threat intelligence with CounterACT and the FireEye Threat Prevention Platform. Shared threat intelligence allows FireEye EX to scan for known vulnerabilities within arriving email. It also allows CounterACT to identify existing threats on endpoints as they connect to the network and take the appropriate actions based on corporate policies.
ForeScout Extended Module for FireEye NX: FireEye NX uses sandboxing techniques to identify zero-day threats and informs CounterACT® about infected devices and IOC threat severity. CounterACT uses this information to enforce policy-based actions, including isolating devices, initiating remediation actions and scanning other devices to minimize threat propagation. CounterACT stores the latest IOC information in its database, scans devices attempting to connect to the network and performs remediation actions before the endpoint attempts an outbound call.
Integration Type
CMT, EMM, SIEM
ForeScout has partnered with IBM® to deliver unique and powerful solutions for continuous monitoring and mitigation of enterprise risk and compliance gaps. With these joint solutions, you can achieve a more accurate real-time understanding of your device landscape and security posture, help enforce compliance on traditional and mobile devices, automatically mitigate endpoint risks and get more comprehensive compliance reports. The joint solutions combine ForeScout CounterACT with IBM BigFix®, IBM QRadar® and IBM MaaS360® via ForeScout Extended Modules.
Integration Type
EPP
This alliance provides security orchestration to improve endpoint protection over the McAfee Data Exchange Layer (DXL). ForeScout CounterACT® and McAfee® ePolicy Orchestrator® (McAfee ePO™) software work together to provide IT security managers with superior visibility and control of both managed and unmanaged endpoints on the network. In addition, this solution helps organizations save time by automating the installation of security agents, including those from McAfee, and ensuring those agents are healthy and up-to-date. If the connecting device is a corporate device and has a McAfee agent installed, ePO tells CounterACT what it knows about the endpoint compliance status of the device. If the device does not have a McAfee agent, CounterACT will inspect the device to determine its compliance status. If the device is compliant and the user is authorized, CounterACT allows the device to access the appropriate network resources, according to your policy.
Integration Type
EMM
MobileIron provides the secure foundation for companies around the world to transform into Mobile First organizations.
Integration Type
ATD, NGFW
The alliance combines the real-time endpoint visibility, profiling and remediation capabilities of ForeScout CounterACT® with multiple Palo Alto Networks® products to limit data breaches, detect advanced threats and take automated remediation actions. Joint capabilities are made possible through the following Extended Modules that enable threat intelligence sharing:
ForeScout Extended Module for Palo Alto Networks WildFire: ForeScout CounterACT® and Palo Alto Networks WildFire™ work together to leverage the best-of-breed capabilities of each solution. CounterACT provides the unique ability to see and control devices, including non-traditional devices, the instant they connect to the network. WildFire leverages a malware analysis environment to identify new and unknown malware and exploits on the network. With the ForeScout Extended Module for Palo Alto Networks WildFire, the combined solution improves visibility and real-time intelligence, detects advanced threats and zero-day malware, provides a rapid response to compromised endpoints and automates response to identified threats.
ForeScout Extended Module for Palo Alto Networks Next-Generation Firewall: The ForeScout Extended Module for Palo Alto Networks Next-Generation Firewall allows ForeScout to exchange rich visibility and contextual information about users and devices with Palo Alto Networks Next-Generation Firewall. This enables Next-Generation Firewall to better segment resources on a need-to-know basis, assign appropriate access regardless of location and create granular access policies based on user and device context. As a result organizations can reduce their overall attack surface, prevent unauthorized access to sensitive resources and minimize malware proliferation and data breaches.
Integration Type
VA
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud security and compliance solutions with over 7,700 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The Qualys Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications.
Integration Type
VA
Rapid7 is a leading provider of security data and analytics solutions that enable organizations to implement an active, analytics-driven approach to cyber security. Rapid7 solutions empower organizations to prevent attacks by providing visibility into vulnerabilities and to rapidly detect compromises, respond to breaches, and correct the underlying causes of attacks. Rapid7 is trusted by more than 5,100 organizations across 99 countries, including 37% of the Fortune 1000.
Integration Type
ITSM
The ForeScout Extended Module for ServiceNow® leverages CounterACT’s real-time visibility and provides up-to-date device properties, classification, configuration and network context to ServiceNow. This enables you to get a current view of networked assets, track their movement and remediate or retire these assets as required. As a result, you can make informed decisions by leveraging an accurate single-source-of-truth asset repository, avoid manual, time-consuming and error-prone processes and optimize IT governance and service operations.
Integration Type
SIEM
The ForeScout Extended Module for Splunk® provides bi-directional communication with Splunk Enterprise and Splunk Enterprise Security. It combines ForeScout’s endpoint visibility, access control, and automated response capabilities with Splunk’s powerful correlation, analysis, and search features. This enables security teams to gain a better understanding of their overall security risk posture so they can more quickly respond to and mitigate a range of security issues.
Integration Type
EPP
The Extended Module for Symantec™ Endpoint Protection leverages ForeScout CounterACT’s real-time visibility and control capabilities to validate Symantec Endpoint Protection agent integrity, trigger real-time malware scans and help enforce compliance at device connection time. It also provides automated response options to isolate or restrict network access of non-compliant or infected devices and facilitate remediation actions. As a result, you can reduce your attack surface, minimize malware propagation and limit the impact of data breaches.
Integration Type
VA
Tenable Network Security provides continuous network monitoring to identify vulnerabilities, reduce risk, ensure compliance and respond to threats. Our family of products includes SecurityCenter Continuous View™, which provides the most comprehensive and integrated view of network health, and Nessus®, the global standard in detecting and assessing network data. Tenable is relied upon by many of the world’s largest corporations, not-for-profit organizations and public sector agencies, including the entire U.S. Department of Defense.
Base Modules
ForeScout includes a wide variety of integrations with network and IT infrastructure (switches, wireless controllers, VPN, routers, directories), endpoints (Windows®, Mac, Linux, iOS, Android, printers and other devices), and endpoint software (antivirus, instant messaging, WMI and more). These integrations give you tremendous power through visibility of your full network and let you take action on discovered security gaps. Some of our featured base modules are:
Integration Type
Cloud
ForeScout CounterACT® provides out-of-the-box integration with Amazon EC2 (Elastic Compute Cloud). This base module lets you centrally manage and enforce consistent security policies across campus and cloud environments using the same solution and management interface. Among other things, CounterACT’s policy-based controls let you:
- Discover and classify EC2 instances
- Assess security posture and identify misconfigured or non-compliant EC2 instances
- Segment or isolate EC2 instances based on their classification and compliance posture
- Detect and prevent unauthorized access to and from EC2 instances
- Apply appropriate security groups and remediate non-compliant EC2 instances
Integration Type
Firewall and VPN
The joint ForeScout-Fortinet® solution leverages Fortinet’s Firewall and WLAN Controller for device discovery and combines the agentless classification, assessment and control capabilities of ForeScout CounterACT® to provide automated, policy-based options to control network access. This solution leverages standards-based protocols such as SNMP, CLI and 802.1X, and provides following benefits:
- Visibility into wired, wireless and IoT devices
- Continuous monitoring and remediation as devices come and go from the network
- Easy to configure, deploy and maintain without requiring endpoint agents
The joint ForeScout - Juniper Networks integrated solution offers continuous device visibility, access control and automated policy enforcement across Juniper and other vendors’ networking products to fully cover heterogeneous network environments. Plus, automate policy-driven actions in response to threats identified by Juniper Software Defined Secure Network (SDSN). Benefits include:
- Apply Juniper Policy Enforcer policies across your multivendor wired and wireless networks without the need to install agents
- Automatically respond to threats identified by Juniper SDSN by immediately controlling network access of at-risk devices
- Continuously reduce risk with agentless visibility and policy-driven control of devices, including IoT, accessing your heterogeneous network
Integration Type
Cloud, EMM
ForeScout CounterACT® includes base module integrations with the VMware® vSphere Suite and NSX platforms to provide unified, cross-platform endpoint visibility, assessment and automated policy-based enforcement across your virtual and physical infrastructure. ForeScout also offers the ForeScout Mobile Integration Module that provides bi-directional communication and information sharing with VMware AirWatch® enabling automated real-time detection of mobile devices, seamless enrollment and installation of AirWatch agents.
ForeScout CounterACT and VMware integrations enable you to optimize resource utilization, streamline compliance and reduce risk by providing comprehensive visibility and policy-driven controls across your campus, mobile, data center and cloud devices.
For a complete list of Base Module integrations included with ForeScout, click here.
Partner Developed Integrations
Find a Technology Partner
Submit Technology Partner Application
