AI-NATIVE RMM · MODEL-AGNOSTIC · SECURITY-FIRST
Bring your own AI.
Run your whole fleet.
Connect Claude, ChatGPT, Grok, opencode, or your own agent to Conduit's programmable control plane. Give it the same fleet-wide tools as a human operator — under scoped, audited, revocable access.
For MSPs and IT teams managing Windows, macOS, and Linux across client boundaries.
YOUR MODEL · CONDUIT'S CONTROL PLANE
Use the AI you already trust.
Conduit does not lock fleet control to one model or one AI vendor. Connect Claude, ChatGPT, Grok, opencode, or your own autonomous agent through the REST API or CLI. The model uses the same programmable surface a human operator uses — with permissions you define and actions Conduit records.
One control plane. The full operator toolset.
- Open and control a remote desktop
- Start an interactive terminal and stream its output
- Execute a command on one device or across the fleet
- Upload and download files
- Open TCP tunnels to endpoint services
- Run scripts and apply policies to dynamic device groups
- Read live device health and client-scoped variables
- Work through staged rollouts and complete audit history
The model changes. The control boundary does not.
Every operator — human or AI — enters through Conduit's governed control plane. Use read-only, execute, or admin credentials; scope access to the work; audit the result; revoke the credential when it is no longer needed.
FULL OPERATOR TOOLSET
Everything an operator needs — human or AI.
Conduit exposes remote access, fleet execution, automation, and governance through one programmable control plane. The dashboard, CLI, and external agents operate the same underlying system.
Work directly on the endpoint.
Remote desktop, an interactive terminal, file transfer with integrity checks, and TCP tunnels for SSH and local services. Device and client context stays attached to every action.
Make one change — or five hundred.
Single and bulk command execution that fans out across the fleet. A reusable script library. Policies applied to dynamic device groups. Per-client variables.
Keep authority, scope, and change visible.
Scoped API credentials. Client organizations and dynamic groups. Live agent health. Staged rollout rings. Searchable audit logs.
ONE PROGRAMMABLE OPERATOR PLANE
One device. Every control surface.
Move from live health to a remote desktop, terminal, file system, TCP tunnel, or activity history without changing tools. Human operators use the dashboard; AI operators can drive the same control plane through the API and CLI.

Device detail — health, remote access, terminal, files, tunnels, and activity in one operational context.
GOVERNED BY DEFAULT
This much control demands strict boundaries.
Conduit gives AI and human operators real authority over managed devices. That authority enters through scoped credentials, follows the same authorization path, and leaves a complete audit trail. Access can be limited, reviewed, and revoked without changing the model or the endpoint agent.
Issue read-only, execute, or admin credentials per the operator's job — human or AI.
Human and AI actions land in one history. Every operation is attributable.
Revoke the credential, not the model. Access ends the moment you cut it off.
The agent holds one authenticated outbound connection and exposes zero listening sockets at idle.
Noise-encrypted peer channels for remote sessions, authorized by the relay before they open.
ENDPOINT SECURITY ARCHITECTURE
The endpoint design reduces the attack surface behind every governed action.
ONE AUTHORIZATION PATH
Human or AI, every action takes the same governed path.
CLIENT-AWARE CONTROL
Fleet-wide action without losing the client boundary.
Conduit keeps devices, variables, commands, policies, and audit history organized by client. A human or AI operator can work across the fleet while the control plane preserves which organization owns each endpoint and operation.
- Client-first navigation with per-org device counts.
- Dynamic groups for cross-fleet targeting.
- Client-specific variables and custom fields.
- Commands, policies, and audit logs scoped to the org.
- One model across Windows, macOS, and Linux.
Quiet when the fleet is healthy. Immediate when it is not.

Client Settings — variables and custom fields scoped per organization.
FLEET CHANGE CONTROL
Agent updates earn fleet-wide promotion.
Conduit moves agent versions through canary, verification, and promotion. Automation does not remove rollout discipline: a new build proves itself on a scoped cohort before it can reach the default ring.
New versions target a scoped ring — a single org or an explicit agent list — before anything else.
The relay polls until the canary cohort reports the new version, then a smoke test runs against it.
Only then can the default ring move. Promotion without a verified canary is blocked unless explicitly overridden.
- Agent, org, and default ring targeting — most specific wins.
- Connected-canary verification is required before fleet promotion.
- Overrides are audit-logged, never silent.
- Version resolution is platform-aware — Windows, macOS, Linux, and Linux ARM64 each resolve independently.
See what your AI can operate.
Bring the model or agent you already use. We'll walk through Conduit's REST API, CLI, remote operations, bulk execution, and the scoped credentials and audit trail that govern every action.
// this form isn't wired yet — it opens an email to hello@conduit.dev