Integrations

Plugs into your SOC stack

Brandefense delivers takedown intelligence where your team already works — Slack channels, ticketing systems, SIEM ingestion pipelines, and REST API. No new dashboard to babysit.

Available integrations

Six integration paths

Slack Alerts

New threat detections and takedown status updates posted directly to your SOC Slack channel. Configurable alert thresholds — filter by severity, threat type, or brand keyword.

Growth + Enterprise

Generic Webhook

JSON webhook delivery to any endpoint — PagerDuty, OpsGenie, custom SOC tooling, or incident management systems. Signed with HMAC-SHA256 for authenticity verification.

Growth + Enterprise

Jira Tickets

Automatic Jira ticket creation for each new threat detection. Ticket includes evidence links, registrar contact status, and SLA timer. Closed automatically when takedown is confirmed.

Enterprise

SIEM Ingest

CEF/LEEF formatted events delivered to your SIEM via syslog or HTTP. Compatible with Splunk, IBM QRadar, and any SIEM that accepts standard event formats. Schema documented in the API reference.

Enterprise

REST API

Full programmatic access to detections, takedown status, evidence archives, and alert configuration. OAuth 2.0 authenticated. Rate limits: 1,000 requests/hour (Growth), unlimited (Enterprise). OpenAPI spec available.

Growth + Enterprise

CSV Export

Scheduled or on-demand CSV export of detection data and takedown history. Compatible with Excel and Google Sheets for reporting to leadership or compliance teams without API setup.

All plans

API reference

Sample takedown webhook payload

When Brandefense initiates a takedown, your webhook receives a signed JSON event. Schema is stable — versioned at v1.

json POST /your-webhook-endpoint 
{
  "event": "takedown.initiated",
  "version": "v1",
  "timestamp": "2026-04-12T09:14:22Z",
  "brand_keyword": "mybank",
  "threat": {
    "id": "thr_9f3a2c8e",
    "type": "lookalike_domain",
    "domain": "myb4nk-support.net",
    "registrar": "Namecheap, Inc.",
    "detected_at": "2026-04-12T08:58:04Z",
    "kit_signature": "16Shop v3.2",
    "score": 94
  },
  "takedown": {
    "status": "abuse_sent",
    "abuse_contact": "[email protected]",
    "sent_at": "2026-04-12T09:12:17Z",
    "sla_deadline": "2026-04-12T12:58:04Z",
    "evidence_url": "https://getbrandefense.com/evidence/thr_9f3a2c8e"
  },
  "signature": "sha256=a4f9c2b1..."
}

Request API access

Get started

Your brand is being impersonated right now.

Brandefense finds and removes it — before your customers report it.

Request Takedown Demo View Pricing