Kikimora

[ integrations ]

Your security stack,
unified.

Connect AWS, Azure, Cloudflare, GitHub, Qualys WAS, Tenable, FortiGate and 11 more security tools. All via read-only APIs. No agents to install. No complex configuration.

Kikimora is a conversational AI security agent. It folds findings from cloud, edge, code, database, vulnerability scanning, and detection tools into one chat, so you can triage, audit, and remediate across the whole stack by asking. Four capabilities, including web application scanning and external exposure lookups, are built in with no third-party license required.

Cloud Infrastructure

⊘ Connected

AWS

Gain deep visibility into your AWS security posture - findings, configurations, and logs in one conversation.

  • Security Hub & GuardDuty findings
  • IAM & S3 configurations
  • EC2 & CloudTrail logs

TRY ASKING:

“Show me all active critical findings from AWS Security Hub across all regions.”
⊘ Connected

Azure

Defender alerts, RBAC audits, and network security groups - queried and fixed conversationally.

  • Defender for Cloud alerts
  • RBAC & NSG audits
  • Public IP monitoring

TRY ASKING:

“List all public IP addresses in my Azure subscription and show related high-severity alerts.”
⊘ Connected

Hetzner

Hetzner Cloud servers, firewalls, and DNS - audited in plain language.

  • Server & resource inventory
  • Cloud firewall management
  • Load balancer & DNS review

TRY ASKING:

“List our Hetzner cloud firewalls and flag rules that expose SSH to the internet.”
⊘ Connected

Linode

Linode (Akamai) instances and firewalls in your security conversation.

  • Instance & volume inventory
  • Cloud firewall auditing
  • Network exposure checks

TRY ASKING:

“Which Linode instances have no cloud firewall attached?”

Edge & Network

⊘ Connected

Cloudflare

Audit DNS, firewall rules, and edge security - then deploy changes from the same conversation.

  • DNS records management
  • WAF rule auditing
  • Edge security configs

TRY ASKING:

“List all firewall rules configured for the production zone.”
⊘ Connected

FortiGate

Firewall policy visibility for your Fortinet estate, conversationally.

  • Firewall policy review
  • Network object audits
  • Configuration visibility

TRY ASKING:

“Review the FortiGate policies that allow inbound traffic from the internet.”

DevSecOps & Code

⊘ Connected

GitHub

Code scanning alerts, repository security settings, and Dependabot - security shifted left, conversationally.

  • Code scanning alerts
  • Repository security settings
  • Dependabot integration

TRY ASKING:

“List all open code scanning alerts for the organization, sorted by date.”
⊘ Connected

SonarCloud

Quality gates, static analysis findings, and security hotspots - without leaving the conversation.

  • Code quality gates
  • Static analysis findings
  • Security hotspots

TRY ASKING:

“Search for projects that have failing security gates.”
⊘ Connected

Vercel

Deployment configuration, domain security, and project settings under one watchful eye.

  • Deployment configuration
  • Domain security
  • Project settings

TRY ASKING:

“List all deployments for the frontend app and their current status.”

Operations & Incident Response

⊘ Connected

ServiceNow

Bridge findings to operations - incidents created, assigned, and tracked from one prompt.

  • Security incident management
  • CMDB asset sync
  • Change request tracking

TRY ASKING:

“List all active security incidents with High or Critical priority.”
⊘ Connected

Sentry

Error tracking and security-relevant exceptions, correlated with the rest of your stack.

  • Error tracking
  • Security-related exceptions
  • Performance monitoring

TRY ASKING:

“Show recent security-related exceptions in production.”

Database & Backend

⊘ Connected

Supabase

Security advisors, auth configuration, and Postgres logs - your backend, watched.

  • Security advisors
  • Auth configuration
  • Postgres logs

TRY ASKING:

“Show me all security recommendations for the project.”
⊘ Connected

PlanetScale

Schema management and access control reviews for your database layer.

  • Schema management
  • Access control reviews
  • Database branching

TRY ASKING:

“Check for schema changes that might expose sensitive data.”

Vulnerability Management

Qualys WAS
✦ Built-in

Qualys WAS

Enterprise web application scanning, included - no Qualys license to buy.

  • Full scan lifecycle - launch, monitor, cancel
  • Crawl configuration & scan templates
  • Authenticated scan management

TRY ASKING:

“Launch a web application scan against our staging app and summarize new findings.”
⊘ Connected

Tenable

Tenable vulnerability data folded into conversational triage and compliance evidence.

  • Vulnerability listings
  • Severity-based filtering
  • Compliance reporting input

TRY ASKING:

“List vulnerabilities affecting internet-facing assets, ordered by severity.”

Attack Surface

Shodan
✦ Built-in

Shodan

See your infrastructure the way the internet sees it.

  • External exposure lookups
  • Open port intelligence
  • Internet-facing service data

TRY ASKING:

“What does Shodan know about our public IP ranges?”
✦ Built-in

Network Scanner

Scan internal networks from the inside - no VPN, no exposed ports, no license.

  • Local deployment in minutes
  • No VPN or port forwarding
  • Agent-controlled scans & results

TRY ASKING:

“Deploy the network scanner and map every device on the office subnet.”

Detection & SIEM

Wazuh
✦ Built-in

Wazuh

Host-based detection events in the same conversation as the rest of your stack.

  • Security event queries
  • Agent status monitoring
  • Alert triage

TRY ASKING:

“Summarize Wazuh alerts from the last 24 hours by severity.”

Don't see your tool?

We are constantly adding new integrations.

Request an Integration