skipster311-175
Copper Contributor
Apr 15, 2022
Solved

Verify software is installed compliant

Hello all,

Can we use Intune to create a policy that requires certain software like Zscaler, Cylance and Rapid7 to be installed in order to be compliant? And then create a CA policy to block any device that is not compliant from connecting to Azure\O365 if the device does not have this software installed?

3 Replies

  • aollivierre305
    Copper Contributor
    As mentioned already, step 1 is that the app will need to show as an Azure AD registered app. It has nothing to do with Intune. CA policies apply to public and private apps in Azure AD only. Of course these apps will be registered there for purposes of SSO; after all, AAD is an identity provider and a directory as a service. CA policies are simply an engine that processes signals from other systems and acts based on these signals.

    Now, as far as I understand, these are third-party EDR/XDR tools, so you may achieve better results by looking at Microsoft Defender for Endpoint/Business in combination with Sentinel and Microsoft security center. Intune plays nicely with MS Defender for Endpoint.
  • PDostiyar
    Bronze Contributor
    Not sure if you can add all the apps unless you have SSO for these apps; if you can see them in Azure as an app, then you can create conditional access based on these applications, and the device will be compliant and access granted, otherwise it will be blocked.

    Again, the starting point is that you should be able to see your apps in Azure, i.e. not the apps created in Intune to be pushed, but the Azure apps for SSO or access.

    Then go to Azure > Azure Active Directory > Enterprise Applications > Conditional Access.
    Here you will create a new policy: select the cloud apps, give conditions, and then access control.

    I suggest trying this in a test environment as it might mess with your production, and let me know how your testing goes.
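A worked example of the other half of the original question, added here and not posted by anyone in the thread: Intune can enforce "agent X is installed and running" through a custom compliance setting, which is a PowerShell discovery script that writes one line of JSON plus a rules JSON file that says what each key must equal. The device is then marked non-compliant when a rule fails, and a Conditional Access policy with the grant control "Require device to be marked as compliant" blocks it from the cloud apps you scope. The product display-name patterns and Windows service names below (ZSAService, CylanceSvc, ir_agent) are assumptions for illustration; confirm them on a reference machine with Get-Service and the Uninstall registry keys before deploying.

```powershell
# Intune custom-compliance discovery script (added example, not from the thread).
# For each required endpoint agent it reports whether the product is installed
# (Uninstall registry entry present) and whether its service is running, then
# emits the compressed single-line JSON that Intune expects from the script.
# Display-name patterns and service names are ASSUMED placeholders; verify them.

$RequiredAgents = @(
    @{ Key = 'Zscaler'; DisplayNamePattern = 'Zscaler*';              ServiceName = 'ZSAService' },
    @{ Key = 'Cylance'; DisplayNamePattern = 'Cylance*';              ServiceName = 'CylanceSvc' },
    @{ Key = 'Rapid7';  DisplayNamePattern = 'Rapid7 Insight Agent*'; ServiceName = 'ir_agent' }
)

# Both the 64-bit and the 32-bit (WOW6432Node) uninstall hives are consulted,
# because agent installers register in either depending on their bitness.
$UninstallPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Test-AgentInstalled {
    param([string]$DisplayNamePattern)
    $installed = Get-ItemProperty -Path $UninstallPaths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $DisplayNamePattern }
    return [bool]$installed
}

function Test-AgentRunning {
    param([string]$ServiceName)
    # A present-but-stopped service is treated as non-compliant: an installed
    # agent that is not running gives no protection.
    $svc = Get-Service -Name $ServiceName -ErrorAction SilentlyContinue
    return ($null -ne $svc -and $svc.Status -eq 'Running')
}

$result = [ordered]@{}
foreach ($agent in $RequiredAgents) {
    $result["$($agent.Key)Installed"] = Test-AgentInstalled -DisplayNamePattern $agent.DisplayNamePattern
    $result["$($agent.Key)Running"]   = Test-AgentRunning   -ServiceName $agent.ServiceName
}

# Intune reads exactly one line of JSON from the script's output; do not Write-Host
# anything else, or the setting will be evaluated as not discoverable.
return $result | ConvertTo-Json -Compress
```

The companion rules file lists one rule per key emitted above (for example SettingName "ZscalerRunning", DataType "Boolean", Operator "IsEquals", Operand true, with a RemediationStrings entry telling the user what to fix). Upload the script under Devices > Compliance policies > Scripts, reference it together with the rules file in a Windows compliance policy's Custom Compliance setting, set the non-compliance action you want, and then scope the Conditional Access policy to that compliance state rather than to the agents as cloud apps. Because the script runs on the endpoint, a local administrator could tamper with it; keep tamper protection on the agents themselves and treat this check as a compliance signal, not as the only control.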