Integrations hero image

We Integrate with the tools our customers need

Our cutting-edge workflow platform seamlessly integrates with your existing tools. Need an integration you don't see? Let us know and we'll build it.

Sources

Components that fetch the resources which you need to scan.

GitHub

GitHub

Clone a Git repository from a remote origin.
Homepage Documentation
Dependency

Dependency

Accepts a pURL argument belonging to one of the supported types and generates a dependency file relevant to the type.
Homepage

Producers

Components that scan your resources and produce security alerts.

OSSF Scorecard

OSSF Scorecard

Generates scorecards for open source projects to show how they adhere with best practices.
Homepage Documentation
CDX Gen

CDX Gen

Generate a CycloneDX SBOM from source code.
Homepage Documentation
Trufflehog

Trufflehog

Secret scanner for repositories.
Homepage Documentation
Snyk Docker

Snyk Docker

Run Snyk For Docker.
Homepage Documentation
Snyk Python

Snyk Python

Run Snyk For Python.
Homepage Documentation
Python Bandit

Python Bandit

SAST scanner that analyses Python source code to look for security issues.
Homepage Documentation
Python PIP Safety

Python PIP Safety

Dependency scanner for Python projects.
Homepage Documentation
Golang Gosec

Golang Gosec

Analyse Go source code to look for security issues.
Homepage
Golang Nancy

Golang Nancy

Dependency scanner for Golang projects.
Homepage
Semgrep

Semgrep

Analyse source code using Semgrep to look for security issues.
Homepage Documentation

Enrichers

Components that enrich your security alerts with more details and turn them into actionable events.

Codeowners

Codeowners

Identifies a code owner for each finding.
DepsDev

DepsDev

Adds context from deps.dev for each third-party dependency.
Homepage
Training

Training

Adds relevant training resources to findings.
Reachability

Reachability

Performs a reachability check on a supplied repository using AppThreat/atom.
Deduplication

Deduplication

Compares multiple inputs and removes duplicates.
Homepage Documentation
Knowledgebase

Knowledgebase

Adds knowledge base information (e.g. OWASP Cheat Sheets) to findings.
Policy

Policy

Enforces security policies defined in OPA for each finding.
LLM

LLM

Adds information to findings using a language model.
Multitool Deduplication

Multitool Deduplication

Deduplicates findings from multiple tools.
Custom Annotation

Custom Annotation

Adds custom annotations to instances.
Homepage Documentation
Standards

Standards

Adds security standard information to findings using OpenCRE.

Consumers

Components that consume and display your security alerts.

PDF

PDF

Pushes findings to an S3 bucket as PDFs.
Homepage Documentation
DefectDojo

DefectDojo

Pushes findings to a DefectDojo vulnerability management instance.
Homepage Documentation
stdout JSON

stdout JSON

Prints findings to stdout in JSON format.
Homepage Documentation
Slack

Slack

Pushes findings to a Slack channel.
Homepage Documentation
Jira

Jira

Pushes findings to a Jira instance.
Homepage Documentation
ElasticSearch

ElasticSearch

Pushes findings to an Elasticsearch database.
Homepage Documentation

Need a new integration?

We’ve got the expertise to ensure you have the optimal
tools at your disposal to maximise your security workflow.

Email Us and we’ll build it

Sign up to our newsletter

We send infrequent emails to announce
features, specific use cases and white papers with new research.