One extension, plus the
connections that give it reach

The browser extension does the detection. These integrations add directory context, let Fantomo act on offboarding and session threats, and push alerts to where your team already works.

Directory & identity

Sync users and groups, and act on access when it matters.

Google Workspace

Read-only directory and mail-log discovery. Map SaaS usage to OUs and groups, and offboard with token revocation.

Microsoft 365 / Entra ID

Directory and OAuth context through Microsoft Graph. Identity-only mode covers Entra ID for orgs that don't use Microsoft mail.

Okta

Sync users and groups with an API token. Add lifecycle and session scopes to deactivate accounts and clear sessions. No add-on required.

Alerting & workflow

Send the right signal to the right place, and automate the response.

Slack

Route alerts to channels and send direct messages. Employees can answer check-ins right in Slack.

Outbound webhooks

Subscribe to detections, DLP events, breaches, and more. Send signed payloads to your own systems.

Playbooks

Trigger automated responses on events like a new AI agent, a risky app, a breach, or an offboarding.

Intelligence & SIEM

Enrich vendor risk and stream everything to your security stack.

HaveIBeenPwned

Breach data for the vendors you use, and for their sub-processors, so supply-chain exposure surfaces as its own alert.

SIEM: Splunk, Sentinel, CrowdStrike

Stream detections and audit logs to your SIEM through the API and webhooks for correlation and retention.

MDM: Intune, Jamf, Google

Force-install and configure the extension across Chrome and Edge with a managed policy. No user interaction.

Get Started Free Book a Demo