Splunk
Send ASM findings (subdomain discoveries, port openings, CVE matches, certificate changes) and SAT campaign events into Splunk via HEC or syslog. Pre-built field mappings keep correlation rules clean.
Setup GuideIntegrations
HailBytes SAT and HailBytes ASM plug into the SIEM, ticketing, identity, and chat tools your team already runs. Findings, alerts, and audit logs route to the systems where the rest of security work happens.
SIEM & Logging
Stream ASM findings and SAT campaign events into your detection pipeline. Webhook and syslog adapters work with any SIEM that accepts structured input.
Microsoft Sentinel
Native log ingestion via Azure Log Analytics workspace. Ship findings with their full context for KQL queries and Sentinel detection rules.
Setup GuideElastic / ELK
Direct webhook delivery to Logstash or Elastic Cloud, with structured JSON that maps cleanly to ECS fields for cross-source correlation.
Setup GuideGoogle Chronicle
Webhook ingestion into Chronicle’s ingestion API with the standard ASM finding schema. Compatible with YARA-L detection authoring.
Setup GuideSumo Logic
HTTP source endpoint configuration for both ASM scan output and SAT campaign telemetry. Keep all security event data in one analytics platform.
Setup GuideGeneric Syslog / Webhooks
Any SIEM, log aggregator, or SOAR that accepts syslog (RFC 5424) or HTTPS webhooks works out of the box. Schema is documented in the API reference.
API ReferenceTicketing & Incident Response
Route triaged ASM findings and high-risk SAT events into the ticketing systems your security and ops teams work in daily.
Jira
Auto-create issues for new ASM findings above a severity threshold. Custom field mapping, project routing, and bidirectional status sync.
Routing Deep DiveServiceNow
Webhook-based incident creation against ServiceNow Security Incident Response (SIR) and ITSM. Status updates flow back via the API.
Talk to SalesPagerDuty
Page on-call for critical ASM findings (newly exposed admin panels, high-CVSS CVE matches, expired certs on production hosts).
Talk to SalesChat & Notifications
Slack
Per-channel routing for SAT campaign events (sends, clicks, reports) and ASM findings. Threaded updates and rich-formatted messages keep the security channel actionable.
Routing Deep DiveMicrosoft Teams
Adaptive Card notifications via incoming webhooks. Same routing rules as Slack — per-channel, severity-filtered, with deep-links back to the finding.
Talk to SalesEmail Digest
Daily or weekly digest emails summarizing SAT campaign progress and ASM surface drift, sized for executive stakeholders who don’t live in the security tools.
SAT DetailsIdentity & SSO
Per-tenant OIDC for enterprise SSO and clean identity boundaries on multi-client MSSP deployments.
Okta
OIDC application configuration for SAT and ASM. SCIM provisioning planned; today user provisioning is handled via the REST API.
API ReferenceMicrosoft Entra ID (Azure AD)
App registration with OIDC for SSO. Supported on both AWS and Azure marketplace deployments — the Entra tenant doesn’t have to match the cloud where HailBytes runs.
Talk to SalesGoogle Workspace
OIDC SSO via the Google identity provider. Supported on both SAT and ASM for both employee SSO and admin console access.
Talk to SalesOneLogin / JumpCloud / Generic OIDC
Any OIDC-compliant identity provider works. Configure per-tenant for MSSP deployments where each client brings their own IdP.
What is OIDC?Email Delivery (SAT)
SAT works with any SMTP-capable provider. The trick on phishing simulation is allowlisting, which the tutorials cover step-by-step.
Microsoft 365
Direct send + tenant allowlist configuration so simulated phishes reach inboxes instead of Defender quarantine. Covers Advanced Delivery Policy setup.
SMTP Setup GuideGoogle Workspace
SMTP relay configuration plus admin console allowlist rules so Gmail’s spam filtering doesn’t silently drop simulation emails.
SMTP Setup GuideSendGrid / Mailgun / SES
Any transactional SMTP provider works for outbound delivery. DMARC / SPF / DKIM alignment is documented in the deliverability tutorial.
Deliverability Deep DiveCloud & Marketplace
AWS Marketplace
One-click deploy with charges flowing through your existing AWS bill and counting toward AWS EDP commits. SAT and ASM each ship as a separate marketplace listing with a 30-day free trial.
Deploy from AWSAzure Marketplace
Same one-click deployment story on Azure, with charges counting toward Azure MACC commits. Supports private offers for annual and multi-year terms.
Deploy from AzureBuild Your Own
REST API
Full programmatic access to SAT campaigns, ASM scans, findings, and user records. Use it to build internal dashboards, custom integrations, or compliance evidence pipelines.
API ReferenceWebhooks
Subscribe to SAT and ASM events in real time. Standard JSON payloads with HMAC signing so your integration code can verify authenticity.
API ReferenceDon’t see your tool?
If we don’t list a specific integration, the REST API and generic webhook surface usually cover it in a few hours. Reach out and we’ll point you at the right starting place.
Contact Us