The Drata integration automatically pushes Evidence to Drata for SOC2 and ISO27001:2022.
To activate the Drata integration, in Aikido: Go to Settings > Integrations > Drata and click 'Add Drata integration'.
API Key
You'll need to create a Drata API Key. You can generate such key in Drata via Username > Settings > API Keys > Create API Key.
Details
Make sure the Expiration is set to 'Never Expires'.
Scopes
The access for the scopes can be set to 'Custom' with at least following scopes.
Save
Next, click 'Save' and copy your generated API Key.
Back in Aikido, paste the API Key and click 'Next'. After that, choose your Drata workspace and click 'Save'.
Done
Aikido will now daily create a PDF report and sync this as 'external evidence' to Drata. We'll create a control with code 'AIKIDO' and link the relevant SOC2 and ISO27001 requirements. You can search for this control here.
Under 'Control evidence', our aikido will attach for every month.