Drata Compliance integration

The Drata integration automatically pushes evidence to Drata for SOC2 and ISO27001:2022.

To activate the Drata integration in Aikido, go to Settings > Integrations > Drata and click 'Add Drata integration'.

API Key

You'll need to create a Drata API Key. You can generate one in Drata via Username > Settings > API Keys > Create API Key.

Details

Make sure the Expiration is set to 'Never Expires'.

Scopes

The access for the scopes can be set to 'Custom' with at least the following scopes.

Controls:

  • Controls list: Read

  • Add control: Write

  • Map external evidence: Read, Write

  • Delete mapped external evidence: Write

Workspaces:

  • List workspaces: Read

Frameworks:

  • List frameworks: Read

  • List framework requirements: Read

Save

Next, click 'Save' and copy your generated API Key.

Back in Aikido, paste the API Key and click 'Next'. After that, choose your Drata workspace and click 'Save'.

Done

Aikido will now create a PDF report daily and sync it to Drata as 'external evidence'. We'll create a control with code 'AIKIDO' and link the relevant SOC2 and ISO27001 requirements. You can search for this control here.

Under 'Control evidence', the Aikido PDF will be attached every month.

