Integrations & workflows
How threats get in and work gets done — ingestion sources, provider adapters, Temporal workflows, and scans.
The plumbing — where detections come from and how durable background work runs.
Video uploads in progress
Tutorial recordings are still uploading and transcoding, so the players below are placeholders for now. The outlines are final — videos will appear here automatically once processing completes.
Threat-feed ingestion
4:30The four ingestion paths — manual, scan, NothingPhishy, and API — converging on one triage router.
Provider adapters overview
3:50URLScan, WhoisXML, NothingPhishy, CleanDNS, and WhoisFreaks behind adapter boundaries — no raw calls in the UI.
Durable workflows on Temporal
4:10Why long-running work runs on Temporal Cloud, the Render worker, and how a workflow run is tracked.
The Scan Center
3:35Configure a scan, run it, and watch results land in the threat feed as scoped detections.
Bulk imports and CSV intake
3:15Importing cases and clients in bulk, with validation and source labelling preserved.
Inline vs Temporal execution
2:50The inline fallback for local demos and the Temporal path for production — and when each is used.