On the Drata Site
Intruder Portal
How to send reports to Drata
All Collections
Integrations
Compliance
Drata Integration
Drata Integration
Getting started with our Drata integration
Updated over a week ago

With our Drata integration you can send scan reports directly to the Reports & Docs section of Drata, streamlining and simplifying your compliance process.

On the Drata Site

  • Select API Keys

  • Click 'Create API Key'

  • Fill out the Create API Key Form:

    • Expiration Date: We recommend a long expiration date so that your integration does not unexpectedly stop working

    • The following scopes must be enabled:

      • Read: Personnel List; Controls List; List workspaces

      • Write: Map external evidence; Add report

User-uploaded Image
User-uploaded Image

  • Save the configuration

  • Copy the API Key and save somewhere secure!

  • Visit the Controls > search for DCF-18 > Click on 'Quarterly Vulnerability Scan'

    User-uploaded Image

Below is a temporary step - subsequent
versions of the integration will not require this.

  • Scroll down to the automated testing section > set the test status to disabled with a rationale > click save

Due to the current design/data model of Drata's OpenAPI, customers are required to first disable the automated test associated with DCF-18, as Drata’s built-in monitor cannot currently be integrated to OpenAPI connections. 

Drata Controls have built-in internal logic to first scan any enabled/mapped automated tests for evidence, and will continue to show a control as "not ready" even if external evidence has been mapped to the Control in question.

User-uploaded Image


Intruder Portal

  • Paste the API key and click Connect

  • Select the workspace which you want the vulnerability reports to be sent to and the user you want marked as the owner.

  • You can also adjust the default control to which the evidence will be mapped, by choosing from the drop down list. Once this has been updated, click Save and you're done!

User-uploaded Image

Your integration is now set up!

How to send reports to Drata

  • Go to your Scans Overview Page

  • Choose the Scan you wish to use as evidence for your compliance

  • Click the Ellipsis icon (), and choose Send To Drata

  • This process will take a few seconds for the report to be prepared and sent.
    Once complete you will see a screen like the one below:

  • And you'll find the report in Drata:

Note: you can also send a report directly to Drata from a Scan Detail Page, just click into a scan and press 'Send to Drata':

Note: The Drata integration is available for users on Pro, Premium and Vanguard plans.

Related Articles
Azure DevOps integration
FAQs: API scanning
Getting Started
Bug Hunting explained
Microsoft Azure integration
Did this answer your question?