You can integrate Device Security through Cortex XSOAR with Forescout, a NAC (Network Access Control) platform. Once integrated, you can manually export the attributes of devices in the Device Security inventory to populate host properties on your Forescout instance and thereby enrich its device inventory. Additionally, when a security alert is triggered, you can send an attribute from Device Security to Forescout that it can use to quarantine an endpoint device or release it from quarantine.

Device Security integrates with Forescout through Cortex XSOAR and an on-premises XSOAR engine.

Integrating with Forescout requires either a full-featured Cortex XSOAR server or the purchase and activation of an Device Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic plan includes a license for three integration add-ons, one of which can be used for Forescout. The advanced plan includes a license for all supported third-party integrations.