With our Drata integration you can send scan reports directly to the Reports & Docs section of Drata, streamlining and simplifying your compliance process.
On the Drata Site
Log in to https://app.drata.com
Click on your profile name >
Create API Key'
Fill out the Create API Key Form:
Expiration Date: We recommend a long expiration date so that your integration does not unexpectedly stop working
The following scopes must be enabled:
Map external evidence;
Save the configuration
Copy the API Key and save somewhere secure!
Below is a temporary step - subsequent
Scroll down to the
automated testing section> set the test status to
disabledwith a rationale > click save
Due to the current design/data model of Drata's OpenAPI, customers are required to first disable the automated test associated with DCF-18, as Drata’s built-in monitor cannot currently be integrated to OpenAPI connections.
Drata Controls have built-in internal logic to first scan any enabled/mapped automated tests for evidence, and will continue to show a control as "not ready" even if external evidence has been mapped to the Control in question.
Go to the Intruder Integrations page > Drata integration card
Paste the API key and click
workspacewhich you want the vulnerability reports to be sent to and the user you want marked as the
You can also adjust the default control to which the evidence will be mapped, by choosing from the drop down list. Once this has been updated, click
Saveand you're done!
Your integration is now set up!
How to send reports to Drata
Go to your Scans Overview Page
Choose the Scan you wish to use as evidence for your compliance
Click the Ellipsis icon (
…), and choose
Send To Drata
This process will take a few seconds for the report to be prepared and sent.
Once complete you will see a screen like the one below:
And you'll find the report in Drata:
Note: you can also send a report directly to Drata from a Scan Detail Page, just click into a scan and press '
Send to Drata':
Note: The Drata integration is available for users on Pro, Premium and Vanguard plans.