Integrations

Every source is a signal in your risk score

Native connectors for EDR, MDM, scanners, and CMDB. Each integration adds a dimension - control coverage, vulnerability findings, asset exposure - that makes the priority score more accurate.

Koopic integrates with your existing security stack to build the unified asset inventory and control-coverage data that drives risk-based vulnerability prioritization. The more sources you connect, the more accurately Koopic can identify which vulnerabilities are already neutralized by controls you run - and which ones genuinely need patching.

Available Now

Production Ready
Microsoft Defender for Endpoint

Microsoft Defender for Endpoint

EDR / Security

EDR sensor health and endpoint control presence - a key compensating-control signal for risk scoring.

View Microsoft Defender for Endpoint integration
Microsoft Intune

Microsoft Intune

MDM / Endpoint Management

MDM enrollment and compliance status - distinguishes managed endpoints from unmanaged exposure.

View Microsoft Intune integration
Azure Virtual Machines

Azure Virtual Machines

Cloud IaaS

Cloud VM exposure context - internet-facing cloud assets carry higher inherent risk weight.

View Azure Virtual Machines integration
Active Directory

Active Directory

On-Prem / Identity

Organizational context and asset identity - OU, domain, and last-logon data enrich exposure scoring.

View Active Directory integration
Zabbix

Zabbix

On-Prem / Monitoring

Network reachability and monitoring coverage - active alerts and interface data inform exposure.

View Zabbix integration
OCS Inventory

OCS Inventory

On-Prem / CMDB

Hardware identity and OS details - serial numbers and BIOS data anchor the golden-record deduplication.

View OCS Inventory integration
Universal REST API

Universal REST API

Universal Connector

Connect any tool with an HTTP API - bring scanner findings, CMDB records, or control data into scoring.

View Universal REST API integration
ManageEngine Endpoint Central

ManageEngine Endpoint Central

UEM / Endpoint Management

Patch health and disk encryption status - concrete compensating-control signals for endpoint risk scoring.

View ManageEngine Endpoint Central integration
Datto RMM

Datto RMM

RMM / Endpoint Management

AV health and patch state across managed sites - RMM visibility feeds endpoint control coverage.

View Datto RMM integration
File Import

File Import

File Import

Import asset and vulnerability data from CSV, Excel, or JSON - connect any tool that exports files.

View File Import integration

On the Roadmap

Coming Soon

These connectors are in development. In the meantime, connect any of them today using the Universal REST API adapter.

CrowdStrike Falcon

CrowdStrike Falcon

EDR / Security

CrowdStrike Falcon sensor presence - EDR coverage and prevention policy as a compensating-control signal.

Qualys VMDR

Qualys VMDR

Vulnerability Management

Vulnerability management data, host assets, and scan results from Qualys.

Tenable.io

Tenable.io

Vulnerability Management

Asset inventory and vulnerability data from Tenable vulnerability management.

Jamf Pro

Jamf Pro

MDM / Endpoint Management

Apple device management and compliance status - MDM enrollment and policy state for macOS/iOS scoring.

ServiceNow CMDB

ServiceNow CMDB

ITSM / CMDB

CMDB configuration items - business criticality and CI relationships as asset context for scoring.

Rapid7 InsightVM

Rapid7 InsightVM

Vulnerability Management

Asset inventory and vulnerability data from Rapid7 InsightVM.

SolarWinds

SolarWinds

Network Monitoring

Network node inventory and monitoring coverage - reachability data informs asset exposure scoring.

Don't see your tool?

The Universal REST API adapter connects to any tool with an HTTP endpoint. Or tell us what you need - connectors are built based on design partner demand.

Universal REST API Request an Integration

Frequently Asked Questions

What integrations does Koopic support?
Koopic has native connectors for Microsoft Defender for Endpoint, Microsoft Intune, Azure Virtual Machines, Active Directory, ManageEngine Endpoint Central, Datto RMM, OCS Inventory, Zabbix, and file import (CSV, JSON, Excel). The Universal REST API adapter connects to any tool with an HTTP endpoint. Coming soon: CrowdStrike Falcon, Tenable.io, Qualys VMDR, Rapid7 InsightVM, Jamf Pro, ServiceNow CMDB, and SolarWinds.
How does each integration contribute to risk scoring?
Each source adds a different dimension to Koopic's risk model. EDR tools (Defender, CrowdStrike) contribute control-presence signals - whether a compensating control is already neutralizing the exploit path. Scanners (Tenable, Qualys, Rapid7) contribute vulnerability findings that Koopic re-scores against real asset exposure. Identity and CMDB sources (Active Directory, ServiceNow) contribute asset context like business criticality, internet-facing status, and organizational ownership. The unified inventory is the engine that makes the risk score trustworthy.
Can Koopic connect to a tool that isn't listed?
Yes. The Universal REST API adapter connects to any tool with an HTTP endpoint by configuring the URL, authentication, and field mapping. For on-prem tools, the Koopic Agent includes built-in collectors plus a REST adapter. New native connectors are built based on design partner demand.
How does the on-prem agent work?
The Koopic Agent is a lightweight Docker container you deploy on your network. It collects data from on-prem sources like Active Directory, OCS Inventory, and Zabbix, stores it in encrypted local storage, and pushes encrypted payloads to Koopic Cloud with automatic retry on network failures.
Does Koopic deduplicate assets across sources?
Yes. Koopic's unified inventory engine merges records from multiple sources into a single golden record per asset using configurable merge keys (hostname, serial number, MAC address, or custom fields). A device that appears in Defender, Intune, and Active Directory becomes one row - with all three sources' data present for the risk scoring engine to use.

See it on your data

Work with us directly to run Koopic's prioritization engine on your actual vulnerability and asset data.

Become a design partner How the scoring works