Drata Integration

Getting started with our Drata integration

Joe Haigh avatar
Written by Joe Haigh
Updated over a week ago

With our Drata integration you can send scan reports directly to the Reports & Docs section of Drata, streamlining and simplifying your compliance process.

Adding the integration

On the Drata Site

Log in to https://app.drata.com > Click on your profile name > Settings

Select API Keys

Click 'Create API Key':

Fill out the Create API Key Form using the guidance below and be sure to save it:

  • Expiration Date: We recommend a long expiration date so that your integration does not unexpectedly stop working

  • The following scopes must be enabled:

    • Read: Personnel list; List workspaces; Controls List; List evidence

    • Write: Add evidence; Update evidence

      User-uploaded Image

      User-uploaded Image

Copy the API Key and save it somewhere secure!

Intruder Portal

  1. Go to the Intruder Integrations page > Drata integration:

Paste the API key, enter the region (North America/Europe) and click Connect:

If you see the following error message, please confirm your Drata region and hit the 'Try Again' button:

  • Select the workspace which you want the vulnerability reports to be sent to and the user you want to be marked as the owner.

  • You can also adjust the default control to which the evidence will be mapped, by choosing from the drop-down list. Once this has been updated, click Save and you're done!

Your integration is now set up!

Manually send reports to Drata

  1. There are two places you can upload reports from.

    • Scans Overview Page
      Choose the Scan you wish to use as evidence for your compliance > click the Ellipsis icon (), and choose Send To Drata:

    • Scan's detail page
      Simply hit Send to Drata:

  2. This process will take a few seconds for the report to be prepared and sent.
    Once complete you will see a screen like the one below:

  3. Inside Drata, reports will appear under Evidence library.

    NB: Each time a new report is sent from Intruder, it will update the 'Current version', moving the previous version to 'Version history':

  4. If any errors occur during the process, you will find a modal appear, similar to the one shown below:

    Any additional data on the error that has occurred will be shown in the field below.

Automatically send reports to Drata

Existing scans (must be a recurring scan)

  1. Head to the Scans page > Navigate to Scheduled scans on the right-hand side> Select the ellipsis of the scan you wish to automate for compliance > Press Edit:

  2. Assuming you're happy with the repetition frequency (daily, weekly, monthly or quarterly), you can just toggle Auto send to Drata > Update scan:

  3. The scheduled scan will now show 'Send to Drata':

New scans (must be a recurring scan)

  1. Head to the scans page > click + Schedule scan:

    1. Choose the targets you wish to scan

    2. The date you'd like the first scan to run

    3. The time you'd like it to run

    4. Preferred repetition frequency: daily, weekly, monthly or quarterly.

      1. One-off scans cannot be automatically sent to Drata, these can still be sent manually

    5. Toggle Auto send to Drata

    6. Give the scan a name

    7. Hit Schedule scan

  2. The scheduled scan will now show 'Send to Drata':

Note: The Drata integration is available for users on Pro, Premium and Vanguard plans.

Did this answer your question?