--- title: "Inbound integrations" aliases: ["/docs/integrations/"] --- ## Enriching runZero results with data from other tools The runZero platform offers integrations with several sources of asset data, allowing users to enrich their asset inventory and identify assets and subnets that are not effectively managed or protected. By leveraging product APIs and export/import functionality, runZero can pull data from many IT and security tools to extend visibility across your organization's network. ## Supported integrations ### Cloud and virtualization * [Amazon Web Services](docs/aws.md) * [Google Cloud Platform](docs/google-cloud-platform.md) * [Microsoft Azure](docs/azure.md) * [Prisma](docs/prisma.md) * [VMware](docs/vmware.md) * [Wiz](docs/wiz.md) ### Endpoint protection * [CrowdStrike Falcon](docs/crowdstrike.md) * [Microsoft 365 Defender](docs/microsoft-365-defender.md) * [Microsoft Intune](docs/microsoft-intune.md) * [Miradore MDM](docs/miradore.md) * [SentinelOne](docs/sentinelone.md) * [Tanium API Gateway](docs/tanium.md) ### Endpoint management * [Microsoft Endpoint Configuration Manager (MECM)](docs/mecm.md) ### Asset and identity management * [Google Workspace](docs/google-workspace.md) * [Microsoft Active Directory](docs/microsoft-active-directory.md) * [Microsoft Entra ID](docs/microsoft-entra-id.md) (formerly Azure AD) ### Vulnerabilities and risk {#integrations-inbound-vm} * [Censys Search & Data](docs/censys.md) * [Dragos](docs/dragos.md) * [Qualys VMDR](docs/qualys.md) * [Rapid7](rapid7.md) * [InsightVM](rapid7-insightvm.md) * [Nexpose](rapid7-nexpose.md) * [Shodan](docs/shodan.md) * [Tenable](tenable.md) * [Tenable Vulnerability Management](tenable-vm.md) * [Tenable Nessus Professional](tenable-nessuspro.md) * [Tenable Security Center](tenable-sc.md) * [Tenable Nessus (file import)](tenable-nessus.md) ### Network management * [Cisco Meraki Dashboard](docs/meraki.md) ### Custom integrations If the solution you want to draw data from isn't available as a current runZero integration, Platform and Community users can leverage the [custom integrations](https://console.runzero.com/custom-integrations/) feature to add asset data from custom sources. Adding custom asset sources can be accomplished through the API or by leveraging the [runZero Python SDK](https://runzeroinc.github.io/runzero-sdk-py/). ## Scan probes or connector tasks {#integration-probe-connector} Most integrations can be run either as a ((scan probe)) or a ((connector task)). **Scan probes** run as part of a scan task. The scan task can be used to scan your environment and sync integrations at the same time. To run an integration as a scan probe: 1. Configure a scan task from the _Scan_ menu in your inventory or tasks page. 2. Activate the integration under the _Probes_ tab. 3. Activate the correct credential under the _Credentials_ tab. 4. Configure, activate, or deactivate other scan task configuration options as preferred. **Connector tasks** run independent of scan tasks in order to allow more finely tuned scheduling of integration syncs and asset scans. Connector tasks are run from the runZero cloud by default, but can be configured to run from an Explorer in your organization if preferred. To run an integration as a connector task: 1. Configure a connector task from the [Integrations page](https://console.runzero.com/integrations/) or the _Integrate_ menu in your inventory or tasks page. 2. Select an Explorer from the _Explorer_ menu (optional). 3. Configure, activate, or deactivate other connector task configuration options as preferred. ## Importing integration data Some integrations can be used by importing data from that platform into runZero. For example, `.nessus` files from [Tenable Nessus](docs/tenable-nessus.md) and `.xml` files from [Rapid7 Nexpose](docs/rapid7-nexpose.md) can both be ingested without requiring a connection to their APIs. ## Automatic asset merge {#integrations-merging} How runZero maps integration assets to assets: * For hosts that can be matched to an existing runZero asset, asset-level attributes will be updated, and integration-specific attributes will be added. * For hosts that cannot be matched with an existing runZero asset, a new asset will be created in the site specified when the integration task is set up. runZero is able to merge integration data into existing assets by the following, in priority order: 1. MAC address 2. IP address (3-day window) 3. Hostname Assets from integrations can also be manually merged into runZero assets using the _Merge_ button on the [Asset Inventory](https://console.runzero.com/inventory) page. ## Removing an integration data source {#integrations-removal} When an integration is removed as a data source, the associated attributes are removed from your runZero assets. Since some asset attribute fields are merged, it is possible that attributes populated by both runZero scans and the integration could be deleted. Rescanning the affected assets will resolve this issue. ## Excluding integration attributes Your account and organizations can be configured to prevent the collection of certain integration attributes; for example, personally identifiable information (PII) such as usernames or email addresses. Please note that some attributes are crucial to runZero's merging and fingerprinting methods, and excluding these attributes may lead to inaccuracies in your inventory. Excluded attributes can be configured in your [Account settings](https://console.runzero.com/account) under _Personally Identifiable Information (PII) collection_ to apply across all organizations, or configured within individual [Organization](https://console.runzero.com/organizations) settings to override the account-level settings. You can choose to use the default list of attributes or define your own. The attributes must be in the format `@source.resourceType.attributeName`. For example, `@crowdstrike.dev.firstLoginUser` excludes the attribute “firstLoginUser” from CrowdStrike devices. Only integrations that import PII support attribute exclusions, at this time those integrations are: * CrowdStrike * SentinelOne * Tanium * Google Workspace * Intune * Miradore Attribute exclusions are not supported for the Directory Users and Directory Groups inventories. The AzureAD, LDAP, and Google Workspace integrations import directory users and groups by default, but this can be disabled in the task configuration. ## Source names and IDs {#integration-sources} The table below maps the source name to the source ID for querying assets and vulnerabilities.