Integrations
- Integrations
- 1Password
- Abnormal
- Absolute
- AbuseIPDB
- Adaptive Shield
- Adobe Cloud
- ADP
- Agari Phishing Response
- Airlock
- Airlock Digital
- Akamai Identity Cloud Social
- Alert Logic
- AlgoSec Firewall Analyzer
- AlienVault OTX
- AlienVault USM
- Anodot
- Ansible
- Anvilogic
- Any Run
- Apex One
- ArcSight ESM
- Area 1
- Asana
- Asset Panda
- Atlassian User Management
- Atlassian User Provisioning
- auth0
- Authentik
- Authomize
- Automox
- AWS
- AWS IAM Identity Center
- Axonius
- Azure
- Azure Data Explorer
- Azure DevOps
- Azure Log Analytics
- Azure Storage
- BambooHR
- Big Fix
- BigPanda
- Bitbucket
- Bitdefender
- Bitsight
- Bitwarden
- Black Duck
- Black Kite
- Blink
- BMC Remedy
- Box
- Brinqa
- Cato Networks
- Censys
- Check Point Harmony
- Check Point Infinity Events
- Check Point XDR-XPR
- Check Point Management
- Checkmarx One
- Checkmarx SAST
- Chorus
- Chronicle
- Cisco Advanced Phishing Protection
- Cisco Domain Protection
- Cisco Meraki
- Cisco Talos
- Cisco Umbrella
- Cisco Webex
- Claroty xDome
- ClearPass
- ClickHouse
- ClickUp
- Cloud Custodian
- Cloudflare
- Cobalt
- Compass
- Confluence
- Confluence Data Center
- Coralogix
- Coralogix Incident Management
- Cortex XDR
- Cortex Xpanse
- CredStash
- Cribl
- CrowdStrike
- CyberArk
- Cybersixgill
- CyCognito
- Cyera
- Cylance
- Cyware CTIX
- Darktrace
- Dasera
- Databricks
- Datadog
- DataSet
- Delighted
- Delinea
- Devo
- Discord
- Docusign
- Domo
- Drata
- Drata
- Actions
- Overview
- Add New Vendor
- Controller Retest
- Create Ticket
- Drata Custom Action
- Find Control External Evidence
- Get Control Evidence Download URL
- Get Control Owners
- Get Control
- Get External Evidence Document Download Url
- Get Mapped Requirements
- Get Personnel
- Get User Document Download Url
- Get Vendor
- List Personnel
- List User Documents
- Update Vendor
- Upload Document
- Upload External Evidence Document
- Dropbox
- Dropbox Business
- Druva
- Duo
- Duo Auth
- Dynatrace
- EasyVista
- EchoTrail
- Egnyte
- Egnyte Secure Govern
- Elasticsearch
- Entro
- Ermetic
- Exabeam
- Exchange Online
- Expel
- F5 BIG IP
- Falcon LogScale
- Falcon Surface
- Flare.io
- Forcepoint DLP
- Forescout
- FortiGate
- Freshservice
- GCP
- Ghostwriter
- Git
- GitHub
- GitLab
- Glean
- Gmail
- Google Calendar
- Google Chat
- Google Docs
- Google Drive
- Google Forms
- Google Looker
- Google Meet
- Google Sheets
- Google Workspace
- Grafana
- Grip Security
- GYTPOL
- Have I Been Pwned
- HiBob
- HubSpot
- Hunters
- Hybrid Analysis
- Hyperproof
- IBM Cloud
- IBM NS1 Connect
- IBM X Force
- Imperva
- incident.io
- Infoblox Cloud Services Portal
- Integrations
- Intercom
- Intezer
- IP API
- IPinfo
- IPWHOIS
- Ironscales
- Ivanti RiskSense
- Jamf
- JetBrains
- JFrog
- Jira
- Jira Data Center
- Joe Sandbox
- JumpCloud
- Kandji
- Keeper Secrets Manager
- Kenna Security
- KnowBe4
- KnowBe4 Events
- Kubernetes
- Lacework
- LaunchDarkly
- Linear
- Litmos
- LogicMonitor
- LogRhythm
- Manage Engine ServiceDesk Plus
- Mattermost
- Maven
- Microsoft Defender For Cloud
- Microsoft Defender For Cloud Apps
- Microsoft Defender For Endpoints
- Microsoft Defender XDR
- Microsoft E-Discovery
- Microsoft Entra ID
- Microsoft Graph
- Microsoft Intune
- Microsoft Office 365 Management Activity
- Microsoft Outlook
- Microsoft Purview
- Microsoft Sentinel
- Microsoft SQL Server
- Microsoft Teams
- Mimecast
- MISP
- Monday
- MongoDB Atlas
- MxToolbox
- Neo4j
- NetBox
- Netography
- Netskope
- New Relic
- Nightfall AI
- NinjaOne
- Notion
- Nozomi Networks
- Nuclei
- Nucleus
- Nutanix Hypervisor
- Obsidian
- Okta
- OneDrive
- OneLogin
- OneTrust
- OpenAI
- OpenCTI
- Opsgenie
- OPSWAT
- Oracle Cloud
- Oracle HCM
- Orca Security
- OWASP ZAP
- PagerDuty
- Palo Alto Cloud NGFW
- Palo Alto Firewall
- Panther
- Pentera
- Perception Point
- PhishLabs
- PhishLabs Incident Data
- PhishLabs Open Web Monitoring
- Pingdom
- PingID
- PingOne
- PlexTrac
- PortSwigger
- Postman
- Postman SCIM
- Power BI
- PowerShell
- Prisma Access
- Prisma Cloud CSPM
- Prisma Cloud CWP
- Prometheus
- Proofpoint
- Proofpoint ITM
- Proofpoint Protection Server
- Proofpoint Security Awareness Training
- Proofpoint TAP
- Proofpoint Threat Response Auto Pull
- Pub-Sub
- QRadar
- Qualys
- Rapid7
- Rapid7 InsightIDR
- Rapid7 InsightVM Cloud
- Rapid7 Threat Command
- Reco
- Recorded Future
- Red Hat IdM
- Rippling
- runZero
- SafeBase
- Sage HR
- SailPoint
- SailPoint IdentityIQ
- Salesforce
- SAP Ariba
- ScienceLogic
- Securin
- Securin VI
- SecurityScorecard
- Securonix
- SemGrep
- SentinelOne
- ServiceNow
- SharePoint
- Shodan
- Shopify
- Silverfort
- Slack
- Smartsheet
- Snipe-IT
- Snowflake
- Snyk
- SolarWinds Service Desk
- SonarQube
- Sophos
- Split
- Splunk
- Splunk Observability
- Splunk SOAR
- Spur
- StrongDM
- Sumo Logic
- Symantec EDR
- Sysdig
- Tableau
- Tanium
- TeamCity
- TeamViewer
- Telegram
- Tenable
- Tenable Security Center
- Terraform
- Terraform Cloud
- TheHive
- Thinkst Canary
- ThreatQuotient
- Trellix Email Security
- Trello
- Trend Vision One
- Twilio
- UKG HR
- Uptycs
- URLScan
- Vault
- Veracode
- Verkada
- Vertica
- VirusTotal
- VMware Carbon Black
- VMware vSphere
- WeChat
- WhatsApp
- Whois
- WildFire
- Wiz
- Workday
- Workspace ONE UEM
- YesWeHack
- Zendesk
- Zero Networks
- Zoom
- Zscaler Internet Access
- Zscaler Private Access
Actions
Add New Vendor
Create a new vendor resource in the account.
Basic Parameters
| Parameter | Description |
|---|---|
| Category | The type of vendor. |
| Critical | Does this vendor is considered as critical. |
| Data Stored | What type of data the vendor stores. |
| Has Pii | Does this vendor store any type of PII. |
| Is Compliance Review Required | Is vendor compliance report review required? |
| Is Sub Processor | Does this vendor is considered as sub-processor. |
| Is Sub Processor Active | Does this subprocessor is active. |
| Name | The name of a vendor. |
| Password Mfa Enabled | Is mult-factor authentication enabled for this vendor. |
| Password Policy | The vendor password policy. |
| Password Requires Min Length | Is there a minimum length for user passwords. |
| Password Requires Number | Does a password require numbers. |
| Password Requires Symbol | Does a password require non-alpha-numeric characters. |
| Risk | The level of risk for customer data. |
| Services Provided | Describe vendor services. |
| URL | Vendor URL. |
| User ID | The user ID of the person responsible for the compliance of this vendor. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Confirmed | Is all vendor data confirmed? |
| Contact At Vendor | The name of the corresponding account manager for this vendor. |
| Contacts Email | The email of the corresponding account manager for this vendor. |
| Password Min Length | Minimum character length for a password. |
| Renewal Date | Vendor renewal date. |
| Renewal Schedule Type | Vendor renewal schedule type. |
Example Output
{ "archivedAt": "Timestap when the status of the vendor changed", "category": "ENGINEERING", "confirmedAt": "Fri Jul 14 2023", "contactAtVendor": "John Doe", "contactsEmail": "jdoe@company.com", "createdAt": "2020-07-06 12:00:00.000000", "critical": false, "dataStored": "resulting reports of security scans", "documents": [ { "createdAt": "2020-07-06 12:00:00.000000", "fileUrl": "http://localhost:5000/download/vendors/1", "id": 1, "name": "AWS SOC 2 2018", "updatedAt": "2020-07-06 12:00:00.000000" } ], "hasPii": true, "id": 1, "isComplianceReviewRequired": false, "isSubProcessor": false, "isSubProcessorActive": false, "lastQuestionnaire": {}, "location": "USA", "logoUrl": "https://cdn-prod.imgpilot.com/logo.png", "name": "Acme", "notes": "Meeting once a month to adjust contract", "passwordMfaEnabled": true, "passwordMinLength": 8, "passwordPolicy": "USERNAME_PASSWORD", "passwordRequiresMinLength": true, "passwordRequiresNumber": true, "passwordRequiresSymbol": true, "privacyUrl": "https://acme.com/privacy", "renewalDate": "2023-07-14", "renewalDateStatus": "COMPLETED", "renewalScheduleType": "ONE_YEAR", "reviews": [ { "cpaFirm": "CPA firm name", "cpaProcedurePerformed": "The following procedures were performed...", "encompassBusinessNeeds": true, "findings": [ { "description": "Finding 1", "id": 1 } ], "followUpActivity": "User must proceed to...", "hasMaterialImpact": true, "id": 1, "locations": [ { "city": "San Diego", "id": 1, "stateCountry": "CA" } ], "reportIssueDate": "2023-07-14", "reportOpinion": "UNQUALIFIED", "reviewDate": "2023-07-14", "reviewer": "John Doe", "services": [ { "id": 1, "name": "Service 1" } ], "socReport": "SOC_1", "socReportType1": true, "socReportType2": true, "socType1EndDate": "2023-07-14", "socType1StartDate": "2023-07-14", "socType2EndDate": "2023-07-14", "socType2StartDate": "2023-07-14", "subserviceOrganization": "Subservice Inc.", "subserviceOrganizationProcedurePerformed": "The following procedures were performed...", "subserviceOrganizationUsingInclusiveMethod": true, "trustServiceCategories": [ { "category": "AVAILABILITY", "id": 1 } ], "updatedAt": "2023-07-14", "userControls": [ { "id": 1, "inPlace": true, "name": "End User Control 1" } ] } ], "risk": "MODERATE", "servicesProvided": "Perform security scans once a month", "termsUrl": "https://acme.com/terms", "updatedAt": "2020-07-06 12:00:00.000000", "url": "https://acme.com", "user": { "avatarUrl": "https://cdn-prod.imgpilot.com/avatar.png", "backgroundChecks": [ { "caseId": "abc123", "caseInvitationId": "abc123", "createdAt": "2020-07-06 12:00:00.000000", "id": 1, "invitationEmail": "email@email.com", "linkedAt": "2020-07-06 12:00:00.000000", "manualCheckDate": "2020-07-06", "manuallyCheckUrl": "url.com", "outOfScopeAt": "2020-07-06 12:00:00.000000", "outOfScopeReason": "abc123", "reportData": "The background check report data", "source": "DRATA", "status": "OK", "type": "CERTN", "updatedAt": "2020-07-06 12:00:00.000000", "url": "https://app-stage.karmacheck.com/background_check/aaaaaaaa-bbbb-0000-cccc-dddddddddddd", "userId": 1 } ], "createdAt": "2020-07-06 12:00:00.000000", "drataTermsAgreedAt": "2020-07-06 12:00:00.000000", "email": "email@email.com", "firstName": "Sally", "id": 1, "identities": [ { "connectedAt": "2020-07-06 12:00:00.000000", "connection": { "accountId": "The related accound id to that connection", "aliasUpdatedAt": "2020-07-06 12:00:00.000000", "assignmentId": "FLk12AsS", "authorized": true, "clientAlias": "My-connection-alias-1", "clientId": "drata.com", "clientType": "GOOGLE", "code": "ACCOUNT_ADMIN_DISABLED", "companyId": "12341234", "connected": false, "connectedAt": "2020-07-06 12:00:00.000000", "deletedAt": "2020-07-06 12:00:00.000000", "failedAt": "2020-07-06 12:00:00.000000", "groupLabel": "Everyone", "id": "1", "jqlQuery": "project = IT AND type = \"Offboarding\"", "key": "johnsmith@admin.com", "manuallyUpdatedAt": "2020-07-06 12:00:00.000000", "product": "", "providerTypes": [ 5 ], "requestorId": "328d3016-71f3-4485-af20-06ce8044da18", "securityLabel": "Jira Security Label", "sourcePreference": "LABEL", "state": "ACTIVE", "workspaces": [ { "description": "Platform to track SOC 2 compliance within the organization", "howItWorks": null, "id": 1, "logo": "https://cdn.drata.com/icon/icon_fwhite_bblue_256.png", "name": "Drata", "primary": true, "url": "https://app.drata.com" } ], "writeAccessEnabled": false }, "disconnectedAt": "2020-07-06 12:00:00.000000", "hasIdp": true, "hasMfa": true, "id": 1, "identityId": "1a2b3c", "username": "Username" } ], "jobTitle": "CEO", "lastName": "Smith", "roles": [ "ROLE", "ANOTHER_ROLE" ], "updatedAt": "2020-07-06 12:00:00.000000" }}
Workflow Library Example
Add New Vendor with Drata and Send Results Via Email
Preview this Workflow on desktop
Was this page helpful?
Assistant
Responses are generated using AI and may contain mistakes.