Synqly’s Latest Releases for Security, IT, and AI Teams

Our latest Behind the Build session wrapped up the year with a clear theme: make integrations more flexible, more scalable, and easier to own long-term, for vendors, MSSPs, and internal platform teams alike.

This recap focuses on what actually shipped: new core platform capabilities, deeper category coverage (especially in cloud security and AppSec), and important updates to Synqly MCP and Synqly Embedded.

Watch the full webinar below:

Introducing The Connected Platform

Synqly’s mission is now explicitly defined as building the indispensable infrastructure that connects cybersecurity, IT, and AI. That shows up in a few key ways:

The Connected Platform for Security, IT, and AI – Our new and focused messaging positions Synqly as the trusted infrastructure that powers connections between tools, not just another point solution.
Integrations as connections – Whether we’re talking about “integrations,” “connections,” or “providers,” the goal is the same: move data between systems without forcing humans to constantly jump between consoles.
Unified API + categories – You connect once to a category (EDR, SIEM, Cloud Security, AppSec, Asset, etc.), and Synqly manages the growing ecosystem of individual products underneath. As new integrations are added, you turn them on via the console—no new engineering work required.

Under the hood, Synqly continues to maintain what we believe is the largest ecosystem of IT and security integrations in the industry, with close to 100 integration partners and growing.

Core Platform Upgrades

Adaptive Data Mapping is Now Fully Rolled Out

Adaptive Data Mapping is now generally available across the platform and all connectors. At its core, this is Synqly’s translation layer:

It normalizes data from any vendor schema down to OCSF, and then
Translates from OCSF back out to whatever schema you need.

Out of the box, Synqly ships with deep, built-in mappings. Adaptive Data Mapping takes that further by letting you:

Extend Synqly’s mappings when you want to tweak how specific values map between systems.
Override mappings entirely when you need full control.
Map your own internal schema to OCSF, so Synqly becomes the bridge between your internal model and every external provider.

This isn’t just a nice-to-have. it is one of the core pieces of long-term value in the platform, and it’s increasingly hard to replicate. It also sets the stage for what’s coming next: using Synqly MCP to automatically generate and update mappings instead of managing them manually.

Async Operations: Scheduled Jobs for Large Data Sets

Traditionally, Synqly’s usage pattern has been straightforward:

Synchronous request → Synqly Unified API → Vendor → Response

Now we’ve added a second way to work: scheduled, asynchronous operations.

With async operations you can:

Configure scheduled jobs (for example, “pull vulnerabilities every 24 hours”).
Dump results into your own S3 bucket (or other sink providers).
Let Synqly handle retries, paging, and error handling across all the upstream products.

This is ideal when you’re:

Moving large volumes of data on a regular cadence.
Feeding data into security data lakes, analytics platforms, or warehousing layers.
Trying to avoid tight coupling to individual vendor APIs and rate limits.

The result: you can treat Synqly as an ongoing data pipeline, not just a request/response broker.

SDK and Management UX Improvements

On the usability side, the team delivered several quality-of-life enhancements:

Python SDK stability: A more rigorous schema validation process before SDKs go out, reducing edge-case mismatches for customers who rely on the SDK heavily.
Management console polish: Ongoing improvements across configuration, filters, and workflows to keep Synqly aligned with the goal of being “the easiest integration you’ll ever build.”

Expanding the Integration Ecosystem

New Providers, Especially in Cloud Security and AppSec

Customer demand has strongly shaped where we’ve invested this quarter:

Cloud Security: Major new integrations and expanded capabilities, with more on the way.
Application Security (AppSec): A category that went from “on the roadmap” to “high priority” almost overnight based on customer requests.

Synqly continues to operate with a simple rule:

If customers need it and it fits the platform, we prioritize it.

That’s reflected in both new connectors and deeper capabilities within existing ones.

Mock Providers: Faster Integration Build-Outs

Mock providers continue to be a quiet but powerful feature:

They let you build and test integrations without standing up real environments for every product.
Data isn’t random, it’s representative of what the vendor actually returns, so you can validate mappings and flows realistically.
This removes a big source of friction and speeds teams towards “functionally complete” integrations.

If you need a mock provider for a product you don’t see yet, Synqly can prioritize it based on customer requests.

Deepening Cloud Security Coverage

Cloud security has emerged as one of our biggest focus areas over the last few months. Recent and upcoming capabilities include:

AWS Security Hub: Integrated as a core CSPM data source.
Palo Alto Cloud Security: Added as another heavy hitter in the category.
Wiz and others: In progress, as part of a broader push to comprehensively support the major cloud security platforms.

Customers have been clear: they want a complete, vendor-agnostic view of cloud security events and posture. Synqly is building out that coverage as quickly and as thoughtfully as possible.

Growing AppSec Integrations

AppSec went from “planned” to “urgent” based on customer input. What’s live and what’s coming:

Live
- An initial AppSec connector set
- AWS Inspector
- GitLab for relevant AppSec/security data
In development
- Snyk
- GitHub
- JFrog
- On-prem versions of key AppSec tools

The goal is to give customers a single, consistent way to pull, normalize, and act on AppSec data, whether their tools are SaaS, self-hosted, or hybrid.

Better SIEM Integrations and Event Flows

SIEM and security analytics integrations have always been foundational to Synqly. This quarter focused on making them more consistent and more transparent.

Standardizing Alert Queries

Synqly has been working across all SIEM vendors to provide a clean, unified way to query alerts, and is now in the homestretch of that effort. Recent work includes:

Google SecOps (formerly Google Chronicle, reflected as a “Google SecOps” SIEM)
CrowdStrike Next-Gen SIEM
Microsoft Sentinel

The aim is a more predictable experience across SIEMs when querying alerts, regardless of the underlying vendor.

Event Ingest Acknowledgements

A new feature came directly from customer feedback around event flows: When you send bulk events into a SIEM, Synqly can now:

Provide response messages confirming which events were accepted.
Flag which events were rejected and why.

This gives you confidence and visibility into your ingest pipelines instead of treating SIEMs as black boxes.

Synqly MCP: Powering Agentic Workflows

Synqly MCP (Model Context Protocol) continues to evolve to support AI agents and “agentic” workflows that interact with security and IT tools. Recent updates include:

JWT-based authentication for MCP: Making it easier to securely connect agents to Synqly.
Support for new AppSec connectors via MCP: Bringing the growing AppSec category into AI-driven workflows.
Improved help text and filtering: Making agent–MCP interactions more reliable and predictable.

Next up: integrating Adaptive Data Mapping into MCP, so agents can help automatically generate and update mappings, removing even more manual overhead from integration ownership.

Synqly Embedded: Scaling Self-Hosted Deployments

For customers who self-host, Synqly Embedded is the on-premise deployment option that’s kept in lockstep with the SaaS version. Recent work focused on performance and horizontal scale:

Support for Memcached as a caching layer between Synqly Embedded and the database.
Additional improvements to enable horizontal scaling across nodes.
Continued binary compatibility with SaaS, so new capabilities land in both worlds together.

For customers with strict data residency requirements or fully private environments, Synqly Embedded is becoming an increasingly powerful option.

Stay Close to What’s Shipping Next

A few ways to keep up with what’s changing between Behind the Build sessions:

Changelog: The week-to-week details of what shipped live on our documentation site.
Customer Slack workspaces: If you’re a customer, you’re likely already in our shared Slack; Monday updates summarize what changed recently.
Future Behind the Build sessions: This was the final session of the year; the next one is scheduled for early next quarter.

If you’re already using Synqly and want to learn more about any of these new capabilities, from Adaptive Data Mapping, async operations, new cloud/AppSec connectors, MCP improvements, or Synqly Embedded scaling, book a demo today.

Product

FEATURES

Integration Partners

Explore Current Integrations

Join Our Partner Program

Solutions

About

Company

LATEST NEWS

Synqly included in Google’s new partner-supported workflows for Google Security Operations

Synqly Announces Integration with Google Security Operations, Expanding Connectivity for Cybersecurity Providers of All Sizes

Synqly Launches Adaptive Data Mapping, Empowering Customizable, Scalable Integration Workflows