Connect Anything, Govern Everything.
We take care of integrations, data standards, and regulatory frameworks. You focus on growth, new services, and intelligent operations.
AKIDO
Containers
Akido provides a standardized API layer for developers in health-IT apps so they can integrate into hospital records/EHR systems without building custom connectors.
archer
Application
RSA Archer offers APIs and integration connectors so risk and compliance data can flow into/from other systems (GRC workflows, ticketing, asset databases) for automation and unified governance.
Axonius
Infrastructure
Unifies asset inventory data from multiple IT and security sources, helping organizations identify unmanaged devices, enforce security policies, and streamline compliance.
AWS Audit Manager
People
Automates evidence collection and compliance reporting across AWS environments to streamline audit readiness and governance.
amazon SECURITY HUB
INFRASTRUCTURE
Cloud infrastructure provider that supplies APIs that aggregate and normalize security findings from AWS services and third-party tools, enabling centralized visibility and automated compliance checks.
Big Fix
Endpoints
BigFix exposes SOAP, REST and database APIs to query inventory, endpoint status, actions, and integrate with other tools or create custom dashboards / reports.
Chain Guard
Containers
Chainguard integrates via APIs with platforms like Orca Security to feed container-image metadata and vulnerability information into broader cloud-/supply-chain-security systems for improved visibility.
CISA Known Exploited Vulnerabilities
Infrastructure
CISA maintains the authoritative source of actively exploited vulnerabilities that have been exploited in the wild.
CSAM
Application
Consolidates asset data from across IT and security tools to improve visibility, track hardware and software, and ensure compliance with security policies.
DYNATRACE
Containers
Offers observability data such as metrics, logs, and traces, enabling automated monitoring and performance optimization across applications and infrastructure.
END OF LIFE
Application
Endoflife offers a public REST API to retrieve version and end-of-life data for software products (e.g., programming languages, OS, frameworks) so you can integrate up-to-date lifecycle info into your CI/CD pipelines or asset management systems.
ENTRA ID
Identity
Offers identity and access management APIs to authenticate users, manage permissions, and integrate secure single sign-on across applications.
GITHUB
Application
GitHub offers REST/GitHub Apps APIs enabling external systems to manage repos, pull requests, issues, webhooks etc., allowing rich integration with CI/CD, bots and ticketing systems.
GITLAB
Application
GitLab provides an extensive REST API so external systems or custom scripts can manage repositories, CI/CD pipelines, issue trackers, and integrate DevOps tooling.
glpi
data
GLPI exposes a REST API for CRUD operations on assets/tickets/etc., enabling automation of ITSM workflows, asset/ticket integration and custom script or external system connectivity.
Google scc
infrastructure
Centralizes security findings from Google Cloud services, improving visibility, threat detection, and compliance management.
GSA IT COLLECt
data
GSA’s IT Collect public API offers REST endpoints for accessing government-wide IT portfolio and asset data to enable external systems or dashboards to integrate, query and visualize federal IT inventory and related metadata.
invicti
Application
Invicti (web-app scanner) exposes APIs to export scan results and trigger automated workflows (e.g., into ticketing/issue-tracking systems) to speed remedial action.
JFRoG
Application
JFrog offers REST APIs to integrate artifact management into CI/CD pipelines, automate repository tasks, and link build/deployment tools to artifact lifecycle.
Keycloak
Identity
Keycloak’s APIs support authentication/authorization workflows (e.g., identity management, SSO, user provisioning) so applications can integrate identity services programmatically.
Microsoft Azure
infrastructure
Cloud infrastructure provides comprehensive APIs for deploying, managing, and securing cloud services, supporting integration with governance, monitoring, and automation tools.
metrix
data
Offers monitoring and analytics solutions to track system performance, security metrics, and operational health for informed decision-making and proactive risk management.
mitre
infrastructure
MITRE develops threat intelligence frameworks such as ATT&CK, providing standardized models for mapping, analyzing, and mitigating cybersecurity threats.
MS Defender
Application
Microsoft Defender offers an API interface so partner tools or SaaS platforms can ingest detection/response data, orchestrate workflows and integrate endpoint security telemetry.
nist nvd
infrastructure
Provides standardized vulnerability and CVSS data, supporting automated risk scoring and vulnerability tracking.
NETWRIX
Identity
Netwrix uses APIs/integrations to export audit, change-tracking and permission-data to SIEMs or other systems so organisations can incorporate identity/access/governance data into broader security analysis.
OKTA
Identity
Cloud-based solution that provides identity and access management, supporting authentication, user provisioning, single sign-on, and secure application access across enterprise environments.
open search
infrastructure
OpenSearch exposes REST APIs for search, analytics and indexing so security or observability platforms can integrate logs, metrics and build custom dashboards / ingestion workflows.
QUALYS
Endpoints
Qualys offers APIs to pull vulnerability scan and posture data so integrations with ticketing, asset management or orchestration tools can automate remediation workflows.
rancher
Containers
Rancher exposes APIs for Kubernetes cluster management, allowing external tools to programmatically manage clusters, deploy workloads and integrate orchestration or security tooling.
regulations.gov
data
Regulations.gov API provides REST-based endpoints to search for documents, comments and dockets related to U.S. federal rule-making, enabling external systems to programmatically ingest regulatory data for analysis or display.
SERVICEDESK PLUS
infrastructure
ServiceDesk Plus provides APIs/webhooks to integrate service-desk/ticketing workflows with monitoring or security tools, enabling alerts to automatically create tickets or update status.
ServiceNow
infrastructure
Integrates IT and security workflows, enabling automated incident response, asset tracking, and change management across enterprise systems.
Splunk
infrastructure
Supplies APIs for ingesting, querying, and correlating machine data, empowering organizations to integrate real-time monitoring and security analytics into other platforms.
tanium
infrastructure
Tanium provides an API interface for endpoint data, asset visibility and remediation actions so you can connect endpoint management/visibility data into wider IT/security operations.
tenable
infrastructure
Delivers vulnerability management capabilities that allow systems to discover assets, assess exposures, and retrieve real-time risk data for automated remediation.
trellix
Containers
Trellix (formerly McAfee Enterprise) offers APIs/integration points to ingest security telemetry and orchestrate detection/response workflows with other tools (SIEM, SOAR).
vantage
infrastructure
Vantage (depending on which vendor/context) has API/integration features to connect analytics/data-platforms into other systems enabling automated data exchange and pipeline workflows.
wazuh
Endpoints
Wazuh provides a built-in RESTful API and integration module to ingest external alerts/events (and send notifications) enabling orchestration, incident response and security-monitoring workflows.
WIZ
infrastructure
Wiz offers REST/API-based integrations to pull in cloud/SaaS asset and risk data (and push tickets) so you can unify cloud risk posture, API exposures and remediation workflows across tools.
CMMC 2.0
Commercial
A U.S. Department of Defense framework that mandates cybersecurity maturity levels for defense contractors handling controlled unclassified information (CUI).
COBIT 5:2019
Cybersecurity
A comprehensive framework for governing and managing enterprise IT to align technology goals with business objectives and stakeholder needs.
csa ccm v4.0.10
commercial
A cybersecurity control framework specifically tailored to cloud environments, mapping key security, privacy, and compliance principles to industry standards.
CNSSI 1253
Federal
The Risk Management Framework and guidance on the Categorize and Select steps of the CNSSI implementing, assessing, and managing security controls.
FedRAMP
Commercial
Standardized approach to security authorization and continuous monitoring for cloud services serving the federal government.
FISMA
Federal
A U.S. federal law requiring federal agencies and their contractors to implement information security programs to protect government information and operations.
GDPR
Privacy
The EU regulation that governs personal data protection and privacy, setting strict rules for how organizations collect, process, and store individuals’ data.
ISO 27002:2022
Cybersecurity
Provides detailed guidelines and best practices for implementing, managing, and improving information security controls within an organization’s ISMS.
ISO 27001:2022
Cybersecurity
Specifies requirements for establishing, implementing, maintaining, and continually improving an ISMS to protect information assets systematically.
ISO 20000-1:2018
Cybersecurity
Defines requirements for establishing and continually improving a service management system (SMS) to ensure effective delivery of IT services.
ISO 9001:2015
Cybersecurity
Specifies criteria for a quality management system focused on consistent delivery of products and services that meet customer and regulatory requirements.
ISO 27018:2019
Cybersecurity
Guidelines for protection of personally identifiable information in the cloud.
MVSP:2023
Cybersecurity
Minimum Verification Standard for secure SaaS vendor assessments and due diligence.
NARA ERM v3
Federal
Defines standards and requirements for managing, preserving, and ensuring the authenticity of electronic records within U.S. federal agencies.
NIST 800-218
Cybersecurity
Provides best practices for integrating security throughout the software development lifecycle to ensure the production of secure and resilient software.
NIST SP 800-53 Rev. 5
Methodology and procedures for conducting assessments of security and privacy controls.
NIST SP 800-53 Rev. 4
Methodology and procedures for conducting assessments of security and privacy controls.
NIST CSF
Cybersecurity
A risk-based framework that provides a common language and structure for organizations to identify, protect, detect, respond to, and recover from cyber threats.
NIST 800-171 REV. 2
Cybersecurity
The previous revision of NIST 800-171, outlining baseline security requirements for protecting CUI in nonfederal systems and organizations.
NIST 800-171 Rev. 3
Cybersecurity
Provides updated requirements and controls for safeguarding CUI in nonfederal systems, emphasizing alignment with current threat environments.
NIST 800-161
Cybersecurity
Offers guidance on managing cybersecurity risks associated with the supply chain for federal and nonfederal organizations.
NIST Privacy
Cybersecurity
A privacy framework that helps organizations manage privacy risk by integrating privacy protection into existing risk management and business processes.
SOC 2
Cybersecurity
An auditing standard developed by the AICPA that evaluates an organization’s controls related to security, availability, processing integrity, confidentiality, and privacy..