Skip to main content

Get an inside-out view of your compliance status with integrations

Mark Glinski
  • Updated

In this article:

    SecurityScorecard's Compliance feature is available to all users who want to map issues to industry frameworks for their own Scorecards. Additionally, the ability to map security issues to industry frameworks for other organizations' Scorecards is available with a paid SecurityScorecard plan. See our plans page for more information about levels of features and access.

    Compliance is scheduled for Early Access release to a limited group of customers on February 15, 2023. It is targeted for General Availability release in March. For more information, talk to your Customer Success Manager or Sales Engineer.

    Use this article to learn how to connect your Amazon Web Services (AWS) or GitHub account to SecurityScorecard's Compliance feature. 

    Compliance leverages data that we collect in our continuous scans to provide an outside-in view of where your organization stands against industry best practices and compliance frameworks. You also can connect it to your cloud accounts, so that we can pull in configuration data, and enhance your compliance status with an inside-out view of your infrastructure.

    Note: After installing one of these integrations, you see data within 24 hours, as Compliance syncs with our daily scan schedule.

    Connect AWS to Compliance

    Note: To make this connection, you will  need to provide an access key and secret for each AWS account region you want to monitor. Make sure you have these items available before you start the setup.
    1. Go to a Scorecard and then select the Compliance tab on the left.

      compliance-select-tab.png

    2. Click the AWS link on the right side.

      compliance-integrate-select-aws.png

    3. Allow AWS to see your SecurityScorecard user name, email address, and organization name.

      compliance-integrate-aws-accept.png

    4. Enter your access key ID, secret access key, and region. Then, click Install.

      compliance-aws-install.png

    After installing this integration, you see data within 24 hours, as Compliance syncs with our daily scan schedule.

    Connect GitHub to Compliance

    Note: To make this connection, you will  need to provide a personal access token and base URL for each GitHub account that you want to monitor. Make sure you have these items available.
    1. Go to a Scorecard and then select the Compliance tab on the left.

      compliance-select-tab.png

    2. Click the GitHub link on the right side.

      compliance-integrate-select-aws.png

    3. Allow AWS to see your SecurityScorecard user name, email address, and organization name.

      compliance-integrate-github-accept.png

    4. Enter your personal access token and base URL for GitHub. Then, click Install.

      compliance-integrate-github-install.png

    After installing this integration, you see data within 24 hours, as Compliance syncs with our daily scan schedule.

    Get Help

    If you need help or have questions, submit a Support request.



    Related articles