The Drata integration automatically pushes Evidence to Drata for SOC2 and ISO27001:2022.
To activate the Drata integration, in Aikido: Go to Settings > Integrations > Drata and click 'Add Drata integration'.
You'll need to create a Drata API Key. You can generate such key in Drata via Username > Settings > API Keys > Create API Key.
Make sure the Expiration is set to 'Never Expires'.
The access for the scopes can be set to 'Custom' with at least following scopes.
Next, click 'Save' and copy your generated API Key.
Back in Aikido, paste the API Key and click 'Next'. After that, choose your Drata workspace and click 'Save'.
Aikido will now daily create a PDF report and sync this as 'external evidence' to Drata. We'll create a control with code 'AIKIDO' and link the relevant SOC2 and ISO27001 requirements. You can search for this control here.
Under 'Control evidence', our aikido will attach for every month.