Everything You Need to Close the Exposure Gap

Microsoft Sentinel

Native integration with Microsoft Sentinel via the Log Analytics Data Collector API. Piscium streams validated exposures, attack graph snapshots, and remediation events into custom Sentinel tables. Analytics rules can correlate Piscium findings with Defender, Entra ID, and Azure activity logs for enriched threat detection.

Palo Alto XSOAR

Full SOAR integration with Palo Alto Cortex XSOAR. Piscium validated exposures automatically create XSOAR incidents with structured context — CVE details, affected assets, attack path visualization, and recommended fix actions. XSOAR playbooks can orchestrate Piscium re-scans, update remediation status, and close the loop on validated fixes.

Splunk

Bi-directional integration with Splunk Enterprise and Splunk Cloud. Piscium forwards validated exposure events, attack graph updates, and remediation status changes as structured CIM-compliant events into Splunk indexes. Splunk correlation searches can trigger Piscium re-scans via the REST API, creating a closed-loop detection-validation workflow.

Jira

Automated ticket creation and lifecycle management in Jira Cloud and Jira Data Center. Piscium creates detailed remediation tickets with exposure evidence, affected asset inventory, fix recommendations, and SLA deadlines. Ticket status changes in Jira automatically update remediation tracking in Piscium, and resolved tickets trigger verification re-scans.

ServiceNow

Enterprise ITSM integration with ServiceNow ITOM and Security Operations. Piscium creates and manages Change Requests, Incidents, and Vulnerability Response records with full exposure context. CMDB asset enrichment keeps the ServiceNow asset inventory synchronized with Piscium's continuously updated discovery data.

Qualys

Integration with the Qualys Cloud Platform including VMDR, Policy Compliance, and Global AssetView. Piscium ingests Qualys vulnerability detections and asset inventory data, validates which findings represent exploitable paths, and enriches Qualys TruRisk scores with confirmed exploitation evidence.

Rapid7 InsightVM

Integration with Rapid7 InsightVM (Nexpose) for vulnerability data ingestion and validated risk enrichment. Piscium consumes InsightVM scan data and asset metadata, validates exploitability with autonomous AI agents, and writes validated exposure status back to InsightVM tags and custom attributes for unified dashboarding.

Tenable

Bi-directional integration with Tenable Vulnerability Management (formerly Tenable.io) and Tenable.sc. Piscium ingests Tenable scan results as discovery inputs, then validates which vulnerabilities are actually exploitable in your environment. Validation results and risk re-scoring are pushed back to Tenable for unified reporting.

AWS Security Hub

Native integration with AWS Security Hub using the ASFF (AWS Security Finding Format). Piscium imports findings from Security Hub aggregated sources — GuardDuty, Inspector, Macie, and third-party tools — validates exploitability across your AWS and hybrid infrastructure, and publishes validated exposure findings back to Security Hub for centralized visibility.

CrowdStrike Falcon

Integration with CrowdStrike Falcon platform including Falcon Insight EDR, Falcon Spotlight, and Falcon Discover. Piscium ingests endpoint detection data, vulnerability assessments, and asset inventory from Falcon to enrich attack graph modeling. Validated exposures can trigger Falcon Real Time Response actions and Falcon Fusion SOAR workflows.