At Secureframe, we’re committed to simplifying and automating security compliance for organizations of all sizes and needs, no matter how complex their environment.

That’s why we’re excited to announce that our customers can now create custom integrations with any data source, directly within Secureframe.

The challenge with relying on native integrations

Secureframe’s out-of-the-box integrations have made it easier than ever for small- to medium-sized businesses to automate evidence collection and streamline compliance. But what about the tools and systems outside of Secureframe’s current integration library?

While we offer native integrations to over 300 tools and counting, many organizations have:

• Legacy systems or custom-built apps
• On-premise or hybrid environments
• Niche or new tools that aren’t supported yet

In these cases, native integrations aren’t an option and manual uploads or workarounds only add complexity to the compliance process.  

Introducing Custom Integrations: The solution for enterprises with unique data environments

Understanding that companies with unique data environments often need to tailor compliance management, Secureframe customers can now build custom integrations to ingest, normalize, and monitor data from virtually any system, giving you more visibility and control over your tech stack.

You can now:

• Send raw data via an API endpoint or CSV upload: Secureframe will auto-detect the resource type and map source and target fields accordingly so your developers don’t have to.
• Define custom schemas: For each resource type, you can specify required and optional fields and edit these schemas at any time.

• Self debug: Get clear, descriptive error messages and request logs to troubleshoot errors, such as missing or invalid fields.
• Write custom tests: Use a no-code editor to define custom automated tests to continuously monitor resources from your custom integration with the test criteria that matters to you.
• Track assets centrally: Easily find assets ingested from custom integrations in our platform. Personnel accounts, training records, cloud resources, and devices will be normalized in the Secureframe platform so personnel accounts appear in the Personnel tab, and cloud resources and devices appear in the Cloud Resources tab within the Asset Inventory. Unmapped resource types appear in dedicated tabs, and you can also view all ingested resources by schema. 

Watch the video below to see the process of building a custom integration.

Benefits of Custom Integrations

Secureframe is built for flexibility, giving you the power to tailor your compliance program to your unique environment whether you're cloud-native, fully on-prem, or somewhere in between.

You can unlock a range of benefits with this latest solution, including:

• Tailoring compliance automation: With Custom Integrations, organizations can tailor compliance management to their unique data environment. Say a customer has a custom-built user management system. They can build a custom integration to ingest personnel account data, allowing them to automatically track and test user onboarding and offboarding.
• Ingesting custom asset types: Custom Integrations enables organizations to ingest custom asset types from virtually any data source, including legacy systems, proprietary tools, or hybrid environments. For example, a customer can build a custom integration to track maintenance schedules of equipment along with the rest of their data. 
• Eliminating the need for manual uploads: Custom Integrations enables you to automate more of the evidence collection process against resources pulled from your custom integrations, so you don’t have to manually upload that data. For example, a customer can build a custom integration to ingest on-premise computing and network resources, effectively extending Secureframe’s automation coverage.
• Reducing developer resources needed to build custom integrations: Since Custom Integrations handles schema inference automatically, customers can simply push raw data, like training records from a third-party training provider, and it will show up in the platform with logical relationships between resource types and custom objects. This means less time and resources will be required from your developers.  

What’s possible with Secureframe’s custom features?

The data and tools that used to live outside your Secureframe instance are now fully integrated, making your security and compliance program more complete, accurate, and scalable.

Custom Integrations is the latest piece in Secureframe’s powerful suite of custom compliance capabilities. This solution is built for organizations with complex environments and unique compliance needs, and includes custom frameworks and controls, Custom Automated Tests (CAT), and Secureframe Workspaces.

Whether you need one of these capabilities or all five, the value is clear: Secureframe’s custom features give organizations the power to tailor compliance with thorough automation.

Secureframe can now fully support companies with complex environments and needs, such as:

• Organizations that must comply with multiple, specialized frameworks 
• Organizations that operate across multiple subsidiaries with varying compliance obligations
• Organizations that run mostly on-prem infrastructure
• Organizations with complex data environments that want to achieve the same level of automation and visibility as a cloud-native SMB using our native integrations and tests.

To learn more about how Secureframe’s custom features makes this possible, request a demo.