Connect to everything
Connect Mondoo to your entire infrastructure. From cloud providers to CI/CD pipelines, we integrate with the tools you already use.
Popular integrations
AWS
Assess security and compliance of AWS organizations and accounts
Azure
Evaluate Azure subscriptions for security posture
Google Cloud
Monitor Google Cloud organizations and projects
Kubernetes
Use Mondoo Operator for cluster assessment
Terraform
Assess Terraform projects and state files
GitHub Actions
Continuous security testing in GitHub workflows
Qualys
Import vulnerability data from Qualys VMDR
CrowdStrike Falcon
Import EDR data and threat intelligence
Snyk
Import Snyk vulnerability and dependency findings
102 integrations
Aikido Security
Application SecurityImport Aikido application security findings
AIX
Operating SystemsAssess IBM AIX systems security
AlmaLinux OS
Operating SystemsEvaluate AlmaLinux OS security
Alpine Linux
Operating SystemsScan Alpine containers and systems
Amazon Linux
Operating SystemsScan Amazon Linux instances
Amazon S3
Data ExportExport security data to S3 buckets
Ansible
Infrastructure as CodeEvaluate playbook security configurations
Arch Linux
Operating SystemsAssess Arch Linux systems
Archer
GRCExport compliance data to RSA Archer
Arista
NetworkAssess Arista network device security
Arnica
Application SecurityIntegrate Arnica developer security data
Atlassian
SaaSMonitor Jira, Confluence, and SCIM
AWS
CloudAssess security and compliance of AWS organizations and accounts
AWS ECR
ContainersIntegrate AWS Elastic Container Registry
AWS Inspector
Vulnerability ManagementImport AWS Inspector vulnerability findings
Azure
CloudEvaluate Azure subscriptions for security posture
Azure ACR
ContainersIntegrate Azure Container Registry
Azure Blob Storage
Data ExportExport data to Azure storage
Azure DevOps
Ticket SystemsCreate work items in Azure DevOps
Azure Pipelines
CI/CDContinuous testing in Azure DevOps
BigQuery
Data ExportExport and analyze in BigQuery
BitSight
Third-Party RiskIntegrate BitSight security ratings
Bottlerocket
Operating SystemsScan AWS Bottlerocket container hosts
Checkmarx
Application SecurityImport Checkmarx SAST/DAST results
CircleCI
CI/CDSecurity scanning in CircleCI pipelines
Cisco
NetworkEvaluate Cisco network device security
CloudFormation
Infrastructure as CodeTest AWS CloudFormation templates
CrowdStrike Falcon
EDRImport EDR data and threat intelligence
Debian
Operating SystemsAssess Debian system security
Docker
ContainersEvaluate Docker container environments
Docker Hub
ContainersIntegrate Docker Hub registries
Fedora Linux
Operating SystemsEvaluate Fedora Linux workstations
Fortinet
NetworkEvaluate FortiGate firewall security
GitHub
SaaSAssess organizations and repositories
GitHub Actions
CI/CDContinuous security testing in GitHub workflows
GitHub Advanced Security
Application SecurityImport GHAS code scanning alerts
GitLab
SaaSAssess groups and projects
GitLab CI/CD
CI/CDPipeline security testing integration
GitLab Security
Application SecurityIntegrate GitLab security scanning results
Google Cloud
CloudMonitor Google Cloud organizations and projects
Google GCR
ContainersIntegrate Google Container Registry
Google Workspace
SaaSMonitor Google Workspace environments
Jenkins
CI/CDIntegrate security scans into Jenkins builds
Jira
Ticket SystemsCreate issues for security findings
Kubernetes
ContainersUse Mondoo Operator for cluster assessment
Lacework
Cloud SecurityIntegrate Lacework cloud security data
macOS
Operating SystemsEvaluate macOS security posture
Mend
Application SecurityIntegrate Mend (WhiteSource) SCA findings
Microsoft 365
SaaSAssess M365 environments and configurations
MS Defender for Endpoint
EDRImport Defender EDR findings
Microsoft Defender VM
Vulnerability ManagementIntegrate Defender vulnerability management
Microsoft Entra ID
SaaSAssess Azure AD / Entra ID configurations
MS Defender for Cloud
Cloud SecurityIntegrate Azure Defender findings
Okta
SaaSEvaluate Okta identity resources
OneTrust
GRCIntegrate with OneTrust GRC platform
Oracle Cloud
CloudAssess OCI tenancies and resources
Oracle Linux
Operating SystemsEvaluate Oracle Linux systems
Orca Security
Cloud SecurityImport Orca cloud security findings
Packer
Infrastructure as CodeAnalyze Packer builds and images
Palo Alto Networks
NetworkAssess Palo Alto firewall configurations
Photon OS
Operating SystemsAssess VMware Photon OS security
PostgreSQL
Data ExportExport findings to PostgreSQL databases
Qualys
Vulnerability ManagementImport vulnerability data from Qualys VMDR
Rapid7
Vulnerability ManagementImport InsightVM vulnerability data
Red Hat Enterprise Linux
Operating SystemsEvaluate RHEL systems
Rocky Linux
Operating SystemsAssess Rocky Linux systems
SecurityScorecard
Third-Party RiskCorrelate with vendor risk ratings
Semgrep
Application SecurityIntegrate Semgrep SAST findings
SentinelOne Singularity
EDRIntegrate endpoint detection and response data
ServiceNow GRC
GRCIntegrate with ServiceNow compliance
Shodan
NetworkIntegrate Shodan reconnaissance data
Slack
SaaSMonitor Slack workspace security
Snowflake
SaaSAssess Snowflake data warehouse security
Snowflake Export
Data ExportExport findings to Snowflake
Snyk
Application SecurityImport Snyk vulnerability and dependency findings
SUSE / openSUSE
Operating SystemsAssess SUSE and openSUSE systems
Tailscale
NetworkQuery Tailscale network devices
Tanium
Vulnerability ManagementIntegrate Tanium vulnerability and asset data
Tenable
Vulnerability ManagementIntegrate Tenable.io and Nessus findings
Terraform
Infrastructure as CodeAssess Terraform projects and state files
Ubuntu
Operating SystemsScan Ubuntu servers and desktops
UpGuard
Third-Party RiskImport UpGuard risk assessment data
VMware
CloudEvaluate vCenter Server, vSphere, ESXi systems
Windows
Operating SystemsScan Windows servers and endpoints
Wiz
Cloud SecurityImport Wiz cloud security findings
Zendesk
Ticket SystemsGenerate support tickets for findings
Aqua Security
ContainersContainer security and runtime protection
Armis
Asset ManagementImport asset inventory from Armis
Cribl
Threat IntelligenceIntegrate threat intelligence feeds via Cribl
Elastic Security
SIEMIntegrate with Elastic SIEM
Exabeam
SIEMIntegrate with Exabeam security analytics
Jamf
MDMEvaluate Jamf-managed device security
Kandji
MDMAssess Kandji-managed Apple devices
Microsoft Intune
MDMAssess Intune-managed endpoints
Microsoft Sentinel
SIEMExport findings to Azure Sentinel
MITRE ATT&CK
Threat IntelligenceMap findings to MITRE ATT&CK framework
PagerDuty
Ticket SystemsTrigger alerts for critical findings
Panther
SIEMExport findings to Panther SIEM
ServiceNow CMDB
Asset ManagementSync with ServiceNow asset database
ServiceNow ITSM
Ticket SystemsCreate incidents and change requests
Splunk
SIEMExport security data to Splunk
Zscaler
NetworkIntegrate Zscaler cloud security
Unified Security Across Your Entire Stack
Cloud Security Integrations
Mondoo integrates with AWS, Azure, Google Cloud, Oracle Cloud, and VMware to provide comprehensive security assessment of your cloud infrastructure. Use cnspec to scan IAM policies, network configurations, storage security, and compute resources to identify vulnerabilities and misconfigurations before they become breaches.
Container & Kubernetes Security
Deploy the Mondoo Operator in your Kubernetes clusters for continuous security monitoring. Integrate with Docker Hub, AWS ECR, Azure ACR, and Google GCR to scan container images for vulnerabilities. Query your infrastructure with cnquery to identify misconfigured workloads, exposed secrets, and compliance violations.
CI/CD Pipeline Security
Shift security left with native integrations for GitHub Actions, GitLab CI/CD, Azure Pipelines, CircleCI, and Jenkins. Run security scans as part of every build, block vulnerable deployments, and generate compliance reports automatically. Catch issues during development, not in production.
Vulnerability Management Consolidation
Import findings from Qualys, Tenable, Rapid7, Tanium, and other vulnerability scanners. Correlate data across tools to eliminate duplicate findings and prioritize remediation based on exploitability and business context. Agentic Vulnerability Management acts as your central hub for unified, AI-powered security posture management.
Integration Categories
Cloud Providers
AWS, Azure, GCP, OCI
Containers
Kubernetes, Docker, ECR
CI/CD
GitHub, GitLab, Jenkins
IaC
Terraform, Ansible, Packer
Vulnerability
Qualys, Tenable, Rapid7
EDR
CrowdStrike, SentinelOne
AppSec
Snyk, Semgrep, Checkmarx
Ticketing
Jira, ServiceNow, Zendesk
Don't see your integration?
Mondoo's extensible provider system lets you build custom integrations. Contact us to learn more.