Enable integrations
Integrations are configured through the config and secret manifests, not in the application UI. You add each integration’s keys and settings to the manifests you prepared in Configuration, re-apply them, and roll the affected pods.
Only the LLM Service is required. Every other integration is optional. Enable them at install time, or add them later by updating the manifests.
Client-owned keys or Zentara Gateway
Section titled “Client-owned keys or Zentara Gateway”For each integration, choose one:
- Client-owned key: the client supplies their own account and API key, and ZEN-INTEL calls the provider directly.
- Zentara Gateway: calls are routed through the Gateway, which holds the upstream credentials. Usage is metered and billed through ZEN-INTEL.
The choice is per integration, so a client can mix both.
How to enable an integration
Section titled “How to enable an integration”- Add the integration’s credential to
secret.example.yaml, and any URL or enable flag toconfig.example.yaml. - Re-apply the ConfigMap and Secret:
Terminal window kubectl apply -n zenintel -f config.yamlkubectl apply -n zenintel -f secret.yaml - Roll the affected pods (backend, worker, and AI service) so they pick up the new values:
Terminal window kubectl rollout restart deployment -n zenintel - Verify from the platform by triggering the relevant enrichment or scan.
Available integrations
Section titled “Available integrations”Required
- LLM Service: AI analysis, chat, and enrichment.
Optional
- Intel Sharing Platform and Intel Knowledge Base: threat intel feeds.
- Virus Scanner: file, hash, and URL reputation.
- Exposure Scanner: host and exposure data.
- Malware Feed: malware samples.
- Phantom: dark web data source.
- OSINT Lookup and Search Provider: OSINT enrichment.
- Vulnerability Database: CVE data.
- Certificate Monitor: certificate transparency.
- GitHub: code and secret-leak search.
- Alert Channel: outbound alerts.
Bundled scan tools (Port Scanner, Domain Monitor, Vulnerability Scanner) run in-cluster and are toggled in config.example.yaml, not keyed.
Exact keys and defaults are in config.example.yaml and secret.example.yaml.