The generic API layer that takes every TITAN finding from SCOUT / SENTINEL / FORGE and files a full-detail ticket into whatever your team already runs — ServiceNow, Datadog, PagerDuty, Slack, Microsoft Teams, Opsgenie, Splunk HEC, Jira, or any REST webhook. Severity, resource metadata, exact finding, fix command, rollback command, test plan, and the pre-scan + post-fix evidence — all in the ticket when it lands. TITAN scans, finds, fixes. CONDUIT makes sure the ticket shows up where your team already looks.
Live run from 2026-04-21. 46 real security findings, auto-detected environment, each filed as a full-detail ticket into the destinations the team already runs — severity, resource, fix command, rollback, pre-scan + post-fix evidence, CVSS, compliance mapping. Same payload whether your stack is ServiceNow, Datadog, PagerDuty, Slack, Microsoft Teams, Opsgenie, Splunk HEC, or a plain webhook. Click to inspect all 46 with full details.
15 Banking · 15 Telecom · 15 Healthcare — each with real Azure/AWS/GCP findings and the exact payload CONDUIT's generic-API forwarder sent to Datadog, PagerDuty, Slack, MS Teams, Opsgenie, Splunk HEC, a plain webhook, and ServiceNow (to prove the generic layer connects to vendor-ITSM endpoints too). All 8 serialisers unit-tested: tests/test_alert_forwarder.py — 15 tests green.
CONDUIT now rides on top of a single generic API layer (core/alert_forwarder.py) that serialises every finding into the native payload shape of Datadog Events, PagerDuty v2, Slack Blocks, Teams MessageCards, Opsgenie Alerts, Splunk HEC or a plain JSON webhook. Each shipper has its own unit test — below is the latest green run.
DATADOG_API_KEY, PAGERDUTY_ROUTING_KEY, SLACK_WEBHOOK_URL, TEAMS_WEBHOOK_URL, OPSGENIE_API_KEY, SPLUNK_HEC_URL + SPLUNK_HEC_TOKEN, or TITAN_ALERT_WEBHOOK_URL) and run:python -m unittest tests.test_alert_forwarder -v
Point CONDUIT Enterprise at whatever alerting / ticketing backend your team already runs. It reads 90 days of your closed alerts + tickets via that platform’s native REST API, learns which teams fix which resources, reads your cloud tags, classifies each finding by layer + work category, and routes every notification correctly from the very first scan. Zero YAML. Zero config. It just works.
Tag: owner=FraudDetection, CONDUIT Enterprise uses that as routing input. Team names come from YOUR cloud — we never hardcode a customer’s vocabulary.firewall_config, db_config, cert_mgmt, patching, smtp, user_account, connectivity, os_config, app_config, system_copy, secret_exposure, data_exfiltration. Alerts route to the right team automatically.watch_reassignments loop picks it up within the hour and updates the routing map. Next similar finding goes to the corrected team automatically. One correction = permanent learning.alerting.yaml) or a single env var — CONDUIT probes what your team already runs and starts forwarding to the right API on the next scan. No custom integration code. No playbooks.Drop a config file (alerting.yaml) or set one env var — CONDUIT figures out what your team already runs and starts dispatching on the next scan. No custom integration code. No SOAR playbook. No separate license per platform. Any destination we don’t natively speak falls back to a plain REST webhook.
az / aws / gcloud fix command, pre-scan snapshot ID, CVSS, compliance mapping — every alert lands with everything the assignee needs.CONDUIT ships with routing rules for every Azure, AWS and GCP resource type our 26 agents scan. When a finding arrives, CONDUIT looks up the resource type AND the security category to pick the right ticket destination:
Every alert CONDUIT forwards carries the full 8-section remediation record that appears on our website finding cards: severity, resource metadata, exact finding, before-state snapshot, the fix command, rollback command, test plan, and compliance mapping. Your assignee opens the Slack thread, PagerDuty incident, or Datadog event and has everything the TITAN console shows — no context-switching, no portal login, no investigation.
Rather than showing mock data here, we publish the full set of 46 real alerts CONDUIT forwarded during our 2026-04-21 live run against Azure + AWS + GCP — every alert expandable to the full finding, remediation plan, pre-scan snapshot, fix command, and the exact JSON payload sent to your alert stack, with downloadable HTML / PDF / DOCX per alert.
| Product | Annual price | What it covers |
|---|---|---|
| Enterprise ITOM Event Mgmt | $25,000–$100,000 | Alert correlation + auto-ticket, single-vendor only |
| CSPM + ITOM + Config Compliance bundle | $50,000–$300,000 | Three separate licenses to do what CONDUIT does |
| BigPanda AIOps | $60,000–$200,000 | Event correlation, multi-platform |
| Moogsoft AIOps | $50,000–$150,000 | General IT ops AIOps |
| PagerDuty AIOps | $30,000–$100,000 | PagerDuty-centric |
| TITAN CONDUIT standalone | $3,500/mo | 11 destinations covered, security-native classification, 26-agent findings ecosystem |
| TITAN CONDUIT (bundled in Cloud Pro+) | $0 upcharge | Every paid tier gets it free. Typical replacement savings: $30K–$100K/yr. |
Competitor pricing ranges based on public pricing pages, Gartner Peer Insights, and mid-market reseller quotes as of 2026-04. Your stack may differ; every range shown is typical list-price territory, not floor.
Every competitor charges separately for alert-platform automation. Most customers end up with three tools and three licenses. CONDUIT replaces the whole stack — and is included free at Cloud Pro ($129,000) and up. If you’re on a paid tier, CONDUIT is $0 extra. If you just want standalone alert orchestration with no other TITAN agents, the $3,500/mo standalone SKU lands under a credit-card threshold at most companies.
TITAN CONDUIT auto-dispatches to whichever platform your team already lives in — Datadog, PagerDuty, Slack, Teams, Opsgenie, Splunk, Jira or any REST webhook. No migration, no retraining, no separate procurement.
Subscribe — $3,500/mo Request demo