Kikimora
← all integrations

Cloud Infrastructure

Azure

Defender alerts, RBAC audits, and network security groups - queried and fixed conversationally.

TRY ASKING:

“List all public IP addresses in my Azure subscription and show related high-severity alerts.”

  • “Which NSG rules allow inbound RDP or SSH from any address?”
  • “Show me Defender for Cloud recommendations I have not actioned, ordered by severity.”
  • “Audit RBAC for accounts with Owner or Contributor at subscription scope.”

Kikimora reads your Azure estate through least-privilege APIs: Defender for Cloud alerts, role assignments, network security groups, and exposed addresses. Correlate an alert to the rule that allows it, then fix the rule, with an audit entry written for every change.

Manage Azure security from one conversation

The integration covers the parts of Azure most likely to hide risk: Defender for Cloud alerts and recommendations, network security group rules, public IP exposure, and RBAC assignments. Instead of pivoting between the Defender blade, the networking pane, and the IAM screen, you ask one question and the agent stitches the answer together, then offers the fix when you want it.

What you can do

  • Triage Defender for Cloud alerts by severity and affected subscription.
  • Audit NSG rules and flag overly-permissive inbound access.
  • Map public IPs to the workloads behind them.
  • Review RBAC assignments for privilege creep.

Things you might ask

  • “Map every public IP in the subscription to the workload behind it and any high-severity alert on it.”
  • “Which RBAC role assignments grant standing privileged access that nobody has used in 60 days?”
  • “Walk the NSG rules that expose management ports and propose tighter source ranges.”

Azure is one cloud in a stack that usually spans several. Pair it with the AWS integration for cross-cloud posture in a single chat, or with Hetzner if you run European infrastructure alongside the hyperscalers. The agent treats all of them as one surface, so an exposure question answers across every cloud you have connected.

Connect Azure - free Browse all integrations

[ faq ]

What access does Kikimora need in Azure? +

A least-privilege, read-only role over the subscriptions you want covered. That is enough to triage Defender alerts, audit NSG rules, and review RBAC. The default posture is read-only.

Is the integration read-only, or can it change my NSG rules? +

Reading is the default. When a rule needs tightening, the agent proposes the exact change and applies it only after you approve, writing an audit entry for every approved change.

How long does setup take? +

Usually a few minutes. You register Kikimora as a read-only app or assign the role, then point it at the subscriptions. No agents run inside your VMs.

Does it cover more than one subscription? +

Yes. You can grant access across multiple subscriptions and ask questions that span all of them at once.

More in Cloud Infrastructure

AWS
Hetzner
Linode