Security Flow Plugins
Plugins extend Security Flow by integrating in products and services.
  • Provides Automation Capabilities
  • Provides Flow Nodes to Orchestrate the Automation
  • Batch Changes Across Devices & Services

Security Flow Plugins

Integrate many different security products to reduce incident response times.
  • Firewalls
  • Web Gateways
  • Email Security
  • Endpoint Security Systems
  • Security Information and Event Management (SIEM)
  • Intrusion Detection and Prevention Systems (IDPS)
  • Vulnerability Management Solutions
  • DNS, DHCP and IP address management (DDIs)
  • Threat Intelligence & Telemetry
  • Sandbox
  • IT Incident Ticketing Systems
  • Next Generation Firewalls (NGFWs)

Security Flow URL Scan Plugin exposes and automates URLScan functionality. urlscan.io is a service to scan and analyze websites.

LDAP / Active Directory

The LDAP / Active Directory (AD) Plugin exposes and automates the management of users within groups.


The Panorama plugin allows for blocking/unblocking of Domains, URLs, and IP addresses, decommissioning servers, and performing bulk actions.

Microsoft Azure AD

The Security Flow Azure AD Plugin exposes the ability to view and manage groups, view and manage users, and search and view sign-in information.

Recorded Future

The Security Flow Recorded Future Plugin exposes and automates the enrichment of incidents with threat intelligence using either cached risk list data or up-to-date information from the Recorded Future API. This plugin enriches domain, file hash, IP address, and URL Indicators of Compromise (IoCs).

Nevelex Labs Reports

Utility plugin which adds in Dashboards reporting capabilities.


The Security Flow APIVoid Plugin exposes and automates APIVoid functionality. APIVoid is a service that analyzes URLs and IPs using multiple online threat intelligence engines to detect malicious URLs and IPs.


The OPNsense plugin allows for blocking/unblocking of Domains, URLs, and IP addresses.


Utility plugin to retrieve whois information for a domain and navigate flows based on domain ages.

McAfee NSP

The McAfee Network Security Platform (NSP) Plugin adds the ability to retrieve real time attack data from NSP’s attack log.

Palo Alto Firewall

The Palo Alto Firewall plugin allows for blocking/unblocking of Domains, URLs, and IP addresses.


The Pastebin plugin provides a node to fetch a paste using a paste ID or pastebin.com URL.

McAfee TIE

McAfee Threat Intelligence Exchange optimizes threat detection and response by closing the gap from malware encounter to containment from days, weeks, and months down to milliseconds.

McAfee CSR

McAfee CSR is a reporting software solution that helps you identify and analyze a broad range of data collected from your network devices.

McAfee ATD

Security Flow ATD Plugin exposes and automates McAfee ATD functionality.  McAfee Advanced Threat Defense combines in depth static code analysis, dynamic analysis (malware sandboxing), and machine learning to increase zero-day threat detection, including threats that use evasion techniques and ransomware.


The Security Flow X-Force Plugin exposes and automates X-Force functionality. X-Force provides a cloud-based threat intelligence sharing platform that enables users to research threats, collaborate with peers and take action.


Security Flow MaxMind Plugin helps determine the geolocation of a particular host. The Nevelex Labs MaxMind plugin will allow a user to design flows that include physical location of machines used in threats.

Office 365 (O365)

Nevelex Labs provides a configurable Office 365 plugin that exposes and automates the Office 365 email compliance search capability. Security Flow allows for designing flows that start/stop compliance searches and purges dangerous email.

RAPID7 Nexpose

The Security Flow RAPID7 Nexpose Plugin exposes and automates the Nexpose network vulnerability scanner software. In addition to initiating as network scan, Security flow allows a user to manage the list of networks to scan.


Security Flow’s ServiceNow plugin exposes and automates the creating, reading, updating, and deleting of records in the ServiceNow tables.

Check Point

Security Flow Checkpoint Plugin exposes and automates Check Point network analysis and firewall management system. The Nevelex Labs Checkpoint plugin will allow a user to design flows that include network analysis and firewall based responses to threats.


Security Flow Infoblox Plugin exposes and automates Infoblox network analysis and DNS management system. The Nevelex Labs Infoblox plugin will allow a user to design flows that include network analysis and DNS, DHCP & IPAM based responses to threats.


Security Flow’s VirusTotal plugin exposes and automates VirusTotal’s threat intelligence system

McAfee ESM

Nevelex Labs Security Flow provides an Enterprise Security Manager plugin that exposes and automates the McAfee ESM security information and event management (SIEM) platform.

McAfee ePolicy Orchestrator (ePO)

McAfee ePolicy Orchestrator plugin exposes and automates the McAfee endpoint management platform.

McAfee Web Gateway

Nevelex Labs provides a McAfee Web Gateway plugin to expose list management capabilities within the McAfee Web Gateway.

Nevelex Labs, Main Office

Metro Office Park
2950 Metro Drive, Suite 104
Bloomington, MN 55425
Phone: +1 952-500-8921

©Nevelex Labs, LLC. 2018-2020, All Rights Reserved.