Integrations Overview
Seliq is designed to sit on top of the tools you already use. Every integration pulls data into Seliq; your existing tools keep working exactly as they do today.
Integration categories
- SIEM Integrations: Splunk, Microsoft Sentinel, Elastic SIEM, Google Chronicle
- Ticketing: ServiceNow, Jira (bidirectional incident sync)
- Notification Channels: Slack, Email, PagerDuty (alert and report delivery)
Current integration status
| Integration | Category | Status | Notes |
|---|---|---|---|
| Microsoft Sentinel | SIEM | ✅ Available | Pull (API) + Push (webhook) |
| Splunk Cloud / Enterprise | SIEM | ✅ Available | Pull (REST API) |
| Elastic SIEM | SIEM | ✅ Available | Pull (Elasticsearch API) |
| Google Chronicle | SIEM | 🔜 Coming soon | |
| CrowdStrike Falcon | EDR | ✅ Available | Push (webhook) |
| SentinelOne | EDR | ✅ Available | Push (webhook) |
| Microsoft Defender XDR | EDR | 🔜 Coming soon | |
| AWS GuardDuty | Cloud | ✅ Available | Push (EventBridge) |
| Azure Defender | Cloud | 🔜 Coming soon | |
| GCP Security Command Center | Cloud | 🔜 Coming soon | |
| ServiceNow | Ticketing | ✅ Available | Bidirectional |
| Jira | Ticketing | ✅ Available | Bidirectional |
| PagerDuty | Notifications | ✅ Available | Outbound |
| Slack | Notifications | ✅ Available | Outbound |
| Email | Notifications | ✅ Available | Outbound via SMTP or Seliq domain |
How integrations are authenticated
Seliq supports the following authentication patterns:
- API key / token — Most SIEM and EDR platforms
- OAuth 2.0 — Google Chronicle, some cloud platforms
- Service principal — Microsoft Sentinel, Azure
- Webhook shared secret — CrowdStrike, SentinelOne push delivery
All credentials are encrypted at rest using AES-256. Secret values are never returned in API responses or shown in the UI after initial save.