diff --git a/apps/api/src/questionnaire/utils/questionnaire-storage.ts b/apps/api/src/questionnaire/utils/questionnaire-storage.ts index 77e3f4f6f5..2a7ddce9ec 100644 --- a/apps/api/src/questionnaire/utils/questionnaire-storage.ts +++ b/apps/api/src/questionnaire/utils/questionnaire-storage.ts @@ -149,7 +149,7 @@ export async function uploadQuestionnaireFile(params: { Body: fileBuffer, ContentType: params.fileType, Metadata: { - originalFileName: params.fileName, + originalFileName: sanitizedFileName, organizationId: params.organizationId, source: params.source, }, diff --git a/apps/app/src/app/(app)/[orgId]/integrations/[slug]/components/AccountSettingsSheet.tsx b/apps/app/src/app/(app)/[orgId]/integrations/[slug]/components/AccountSettingsSheet.tsx index abd2e3b8ca..27b54dc79c 100644 --- a/apps/app/src/app/(app)/[orgId]/integrations/[slug]/components/AccountSettingsSheet.tsx +++ b/apps/app/src/app/(app)/[orgId]/integrations/[slug]/components/AccountSettingsSheet.tsx @@ -1,7 +1,7 @@ 'use client'; import type { IntegrationProvider } from '@/hooks/use-integration-platform'; -import { Sheet, SheetBody, SheetContent, SheetHeader, SheetTitle } from '@trycompai/ui/sheet'; +import { Sheet, SheetBody, SheetContent, SheetHeader, SheetTitle } from '@trycompai/design-system'; import { AccountSettingsOAuthBody } from './account-settings-oauth'; import { AwsAccountSettingsBody } from './aws-account-settings-body'; @@ -26,12 +26,12 @@ export function AccountSettingsSheet({ return ( - - - Account Settings + + + Account Settings

{provider.name}

 - + {isAws ? ( - + { @@ -365,7 +365,7 @@ export const DeviceAgentDevicesList = ({ variant="destructive" > - Remove Device + Remove Device diff --git a/integrations-catalog/README.md b/integrations-catalog/README.md index fdf102ad26..bef5f03b5f 100644 --- a/integrations-catalog/README.md +++ b/integrations-catalog/README.md @@ -2,9 +2,9 @@ Public catalog of all compliance integrations available in the [CompAI](https://trycomp.ai) platform. -**574 integrations** across 9 categories. +**583 integrations** across 9 categories. -> Last updated: 2026-05-01 +> Last updated: 2026-05-11 ## What's in this catalog @@ -33,15 +33,15 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ ## Summary by category -- **Security** — 129 integrations +- **Security** — 134 integrations - **Productivity** — 120 integrations - **HR & People** — 63 integrations - **Monitoring** — 56 integrations - **Cloud** — 54 integrations -- **Development** — 53 integrations +- **Development** — 54 integrations - **Communication** — 47 integrations -- **Infrastructure** — 32 integrations -- **Identity & Access** — 20 integrations +- **Infrastructure** — 33 integrations +- **Identity & Access** — 22 integrations ## Full catalog @@ -156,7 +156,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Wistia](integrations/wistia.json) | `wistia` | custom | 2 | | | [Zoom](integrations/zoom.json) | `zoom` | oauth2 | 2 | | -### Development (53) +### Development (54) | Integration | Slug | Auth | Checks | Sync | |-------------|------|------|--------|------| @@ -173,6 +173,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Codacy](integrations/codacy.json) | `codacy` | custom | 2 | | | [Codecov](integrations/codecov.json) | `codecov` | api_key | 2 | | | [Codefresh](integrations/codefresh.json) | `codefresh` | api_key | 2 | | +| [Coder](integrations/coder.json) | `coder` | custom | 4 | ✓ | | [Docker Hub](integrations/docker-hub.json) | `docker-hub` | custom | 3 | | | [Flagsmith](integrations/flagsmith.json) | `flagsmith` | custom | 2 | | | [GitBook](integrations/gitbook.json) | `gitbook` | api_key | 2 | | @@ -187,7 +188,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Jira](integrations/jira.json) | `jira` | custom | 2 | | | [LambdaTest](integrations/lambdatest.json) | `lambdatest` | basic | 2 | | | [LaunchDarkly](integrations/launchdarkly.json) | `launchdarkly` | api_key | 2 | | -| [Linear](integrations/linear.json) | `linear` | custom | 2 | | +| [Linear](integrations/linear.json) | `linear` | custom | 1 | | | [Liveblocks](integrations/liveblocks.json) | `liveblocks` | api_key | 2 | | | [Mabl](integrations/mabl.json) | `mabl` | basic | 2 | | | [Mintlify](integrations/mintlify.json) | `mintlify` | custom | 2 | | @@ -238,8 +239,8 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Freshteam](integrations/freshteam.json) | `freshteam` | custom | 3 | ✓ | | [Greenhouse](integrations/greenhouse.json) | `greenhouse` | basic | 2 | | | [Gusto](integrations/gusto.json) | `gusto` | oauth2 | 2 | | -| [HiBob](integrations/hibob.json) | `hibob` | custom | 2 | | | [HiBob](integrations/bob.json) | `bob` | basic | 2 | ✓ | +| [HiBob](integrations/hibob.json) | `hibob` | custom | 2 | | | [HireRight](integrations/hireright.json) | `hireright` | custom | 1 | | | [Humaans](integrations/humaans.json) | `humaans` | custom | 1 | | | [Justworks](integrations/justworks.json) | `justworks` | oauth2 | 2 | ✓ | @@ -280,13 +281,14 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [WorkRamp](integrations/workramp.json) | `workramp` | custom | 1 | | | [Zelt](integrations/zelt.json) | `zelt` | custom | 1 | | | [Zenefits](integrations/zenefits.json) | `zenefits` | api_key | 1 | | -| [Zoho People](integrations/zoho-people.json) | `zoho-people` | custom | 2 | ✓ | +| [Zoho People](integrations/zoho-people.json) | `zoho-people` | oauth2 | 2 | ✓ | -### Identity & Access (20) +### Identity & Access (22) | Integration | Slug | Auth | Checks | Sync | |-------------|------|------|--------|------| | [Auth0](integrations/auth0.json) | `auth0` | custom | 3 | | +| [Beyond Identity](integrations/beyond-identity.json) | `beyond-identity` | custom | 3 | ✓ | | [Clerk](integrations/clerk.json) | `clerk` | api_key | 2 | | | [ConductorOne](integrations/conductorone.json) | `conductorone` | custom | 5 | ✓ | | [CyberArk](integrations/cyberark.json) | `cyberark` | custom | 3 | | @@ -295,10 +297,11 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Duo Security](integrations/duo.json) | `duo` | custom | 2 | | | [Frontegg](integrations/frontegg.json) | `frontegg` | api_key | 2 | | | [FusionAuth](integrations/fusionauth.json) | `fusionauth` | custom | 4 | ✓ | -| [JumpCloud](integrations/jumpcloud.json) | `jumpcloud` | custom | 3 | | +| [JumpCloud](integrations/jumpcloud.json) | `jumpcloud` | custom | 4 | ✓ | | [Microsoft Entra ID](integrations/entra-id.json) | `entra-id` | custom | 4 | ✓ | | [Okta](integrations/okta.json) | `okta` | custom | 5 | | | [OneLogin](integrations/onelogin.json) | `onelogin` | custom | 2 | | +| [Opal Security](integrations/opal-security.json) | `opal-security` | api_key | 4 | ✓ | | [Permit.io](integrations/permit-io.json) | `permit-io` | custom | 2 | | | [Persona](integrations/persona.json) | `persona` | api_key | 2 | | | [Ping Identity](integrations/ping-identity.json) | `ping-identity` | custom | 3 | | @@ -307,7 +310,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Stytch](integrations/stytch.json) | `stytch` | custom | 2 | | | [WorkOS](integrations/workos.json) | `workos` | api_key | 2 | | -### Infrastructure (32) +### Infrastructure (33) | Integration | Slug | Auth | Checks | Sync | |-------------|------|------|--------|------| @@ -320,6 +323,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Confluent Cloud](integrations/confluent-cloud.json) | `confluent-cloud` | custom | 4 | | | [Coolify](integrations/coolify.json) | `coolify` | custom | 2 | | | [Datto](integrations/datto.json) | `datto` | basic | 2 | | +| [DNSimple](integrations/dnsimple.json) | `dnsimple` | custom | 3 | | | [Druva](integrations/druva.json) | `druva` | custom | 5 | | | [env0](integrations/env0.json) | `env0` | basic | 2 | | | [Fastly](integrations/fastly.json) | `fastly` | api_key | 2 | | @@ -335,8 +339,8 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Pulumi Cloud](integrations/pulumi-cloud.json) | `pulumi-cloud` | api_key | 2 | | | [Qovery](integrations/qovery.json) | `qovery` | custom | 2 | | | [Railway](integrations/railway.json) | `railway` | custom | 2 | | -| [Snipe-IT](integrations/snipe-it.json) | `snipe-it` | custom | 4 | | | [Snipe-IT](integrations/snipeit.json) | `snipeit` | custom | 3 | | +| [Snipe-IT](integrations/snipe-it.json) | `snipe-it` | custom | 4 | | | [Tailscale](integrations/tailscale.json) | `tailscale` | api_key | 2 | | | [Teleport](integrations/teleport.json) | `teleport` | api_key | 2 | | | [Terraform Cloud](integrations/terraform-cloud.json) | `terraform-cloud` | custom | 2 | | @@ -374,8 +378,8 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Instatus](integrations/instatus.json) | `instatus` | custom | 2 | | | [LogicMonitor](integrations/logicmonitor.json) | `logicmonitor` | custom | 5 | | | [LogRocket](integrations/logrocket.json) | `logrocket` | api_key | 2 | | -| [Logz.io](integrations/logzio.json) | `logzio` | custom | 2 | | | [Logz.io](integrations/logz-io.json) | `logz-io` | custom | 3 | | +| [Logz.io](integrations/logzio.json) | `logzio` | custom | 2 | | | [Lumigo](integrations/lumigo.json) | `lumigo` | custom | 1 | | | [Mezmo](integrations/mezmo.json) | `mezmo` | custom | 2 | | | [Mezmo (LogDNA)](integrations/logdna.json) | `logdna` | custom | 2 | | @@ -433,7 +437,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Close](integrations/close.json) | `close` | custom | 2 | | | [Close CRM](integrations/close-crm.json) | `close-crm` | custom | 2 | | | [Coda](integrations/coda.json) | `coda` | api_key | 2 | | -| [Confluence](integrations/confluence.json) | `confluence` | custom | 2 | | +| [Confluence](integrations/confluence.json) | `confluence` | basic | 3 | ✓ | | [ConnectWise Manage](integrations/connectwise-manage.json) | `connectwise-manage` | custom | 2 | | | [Contentful](integrations/contentful.json) | `contentful` | api_key | 2 | | | [Contentstack](integrations/contentstack.json) | `contentstack` | custom | 2 | | @@ -482,11 +486,11 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Microsoft 365](integrations/microsoft-365.json) | `microsoft-365` | oauth2 | 3 | | | [Microsoft Power BI](integrations/power-bi.json) | `power-bi` | custom | 2 | | | [Miro](integrations/miro.json) | `miro` | api_key | 2 | | -| [Monday.com](integrations/monday.json) | `monday` | custom | 2 | | | [Monday.com](integrations/monday-com.json) | `monday-com` | api_key | 3 | | +| [Monday.com](integrations/monday.json) | `monday` | custom | 2 | | | [MURAL](integrations/mural.json) | `mural` | custom | 2 | | | [n8n](integrations/n8n.json) | `n8n` | custom | 3 | | -| [NetSuite](integrations/netsuite.json) | `netsuite` | custom | 2 | ✓ | +| [NetSuite](integrations/netsuite.json) | `netsuite` | custom | 3 | ✓ | | [Notion](integrations/notion.json) | `notion` | api_key | 3 | | | [Outreach](integrations/outreach.json) | `outreach` | oauth2 | 2 | | | [Paddle](integrations/paddle.json) | `paddle` | api_key | 2 | | @@ -527,10 +531,10 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Xero](integrations/xero.json) | `xero` | oauth2 | 2 | | | [Zapier](integrations/zapier.json) | `zapier` | api_key | 2 | | | [Zendesk](integrations/zendesk.json) | `zendesk` | custom | 2 | | -| [Zoho CRM](integrations/zoho-crm.json) | `zoho-crm` | custom | 3 | ✓ | +| [Zoho CRM](integrations/zoho-crm.json) | `zoho-crm` | oauth2 | 3 | ✓ | | [Zuora](integrations/zuora.json) | `zuora` | custom | 2 | | -### Security (129) +### Security (134) | Integration | Slug | Auth | Checks | Sync | |-------------|------|------|--------|------| @@ -557,6 +561,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Bugcrowd](integrations/bugcrowd.json) | `bugcrowd` | custom | 3 | | | [Carbon Black](integrations/carbon-black.json) | `carbon-black` | custom | 2 | | | [Cato Networks](integrations/cato-networks.json) | `cato-networks` | custom | 2 | | +| [Censys](integrations/censys.json) | `censys` | basic | 3 | | | [Certn](integrations/certn.json) | `certn` | custom | 2 | | | [Chainguard](integrations/chainguard.json) | `chainguard` | custom | 2 | | | [Check Point](integrations/checkpoint.json) | `checkpoint` | custom | 6 | | @@ -584,6 +589,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [FleetDM](integrations/fleetdm.json) | `fleetdm` | custom | 3 | | | [Forescout](integrations/forescout.json) | `forescout` | custom | 3 | | | [Fortinet FortiGate](integrations/fortinet-fortigate.json) | `fortinet-fortigate` | custom | 4 | | +| [FOSSA](integrations/fossa.json) | `fossa` | api_key | 3 | | | [GitGuardian](integrations/gitguardian.json) | `gitguardian` | api_key | 2 | | | [Go1](integrations/go1.json) | `go1` | oauth2 | 2 | ✓ | | [Gong](integrations/gong.json) | `gong` | custom | 2 | | @@ -605,7 +611,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [KnowBe4](integrations/knowbe4.json) | `knowbe4` | custom | 5 | | | [Kolide](integrations/kolide.json) | `kolide` | custom | 2 | | | [Lacework](integrations/lacework.json) | `lacework` | custom | 2 | | -| [LastPass Business](integrations/lastpass.json) | `lastpass` | custom | 3 | | +| [LastPass Business](integrations/lastpass.json) | `lastpass` | custom | 4 | | | [Malwarebytes](integrations/malwarebytes.json) | `malwarebytes` | custom | 3 | | | [ManageEngine Endpoint Central](integrations/manageengine-endpoint-central.json) | `manageengine-endpoint-central` | oauth2 | 4 | | | [ManageEngine Log360 Cloud](integrations/manageengine-log360-cloud.json) | `manageengine-log360-cloud` | oauth2 | 3 | | @@ -630,6 +636,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Qualys VMDR](integrations/qualys.json) | `qualys` | custom | 4 | | | [Rapid7](integrations/rapid7.json) | `rapid7` | custom | 2 | | | [Rubrik](integrations/rubrik.json) | `rubrik` | custom | 3 | | +| [SafeBase](integrations/safebase.json) | `safebase` | api_key | 2 | | | [Scalefusion](integrations/scalefusion.json) | `scalefusion` | api_key | 2 | | | [Secureframe](integrations/secureframe.json) | `secureframe` | api_key | 2 | | | [SecurityScorecard](integrations/securityscorecard.json) | `securityscorecard` | custom | 5 | | @@ -647,6 +654,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Tanium](integrations/tanium.json) | `tanium` | custom | 4 | | | [Tenable Cloud](integrations/tenable-cloud.json) | `tenable-cloud` | custom | 2 | | | [Tenable.io](integrations/tenable.json) | `tenable` | custom | 2 | | +| [Thinkst Canary](integrations/thinkst-canary.json) | `thinkst-canary` | custom | 4 | | | [ThreatDown (Malwarebytes)](integrations/threatdown.json) | `threatdown` | custom | 5 | | | [ThreatLocker](integrations/threatlocker.json) | `threatlocker` | custom | 6 | | | [Tines](integrations/tines.json) | `tines` | custom | 2 | | @@ -655,6 +663,7 @@ curl https://raw.githubusercontent.com/trycompai/comp/main/integrations-catalog/ | [Trellix](integrations/trellix.json) | `trellix` | custom | 3 | | | [Trend Micro Vision One](integrations/trend-micro-vision-one.json) | `trend-micro-vision-one` | custom | 4 | | | [Twingate](integrations/twingate.json) | `twingate` | custom | 4 | ✓ | +| [UpGuard](integrations/upguard.json) | `upguard` | api_key | 2 | | | [Veracode](integrations/veracode.json) | `veracode` | custom | 2 | | | [Verkada](integrations/verkada.json) | `verkada` | custom | 3 | | | [VMware Workspace ONE](integrations/vmware-workspace-one.json) | `vmware-workspace-one` | custom | 3 | | diff --git a/integrations-catalog/index.json b/integrations-catalog/index.json index 90af49548c..4c5aa0d98b 100644 --- a/integrations-catalog/index.json +++ b/integrations-catalog/index.json @@ -1,18 +1,18 @@ { - "generatedAt": "2026-05-01T19:08:04.283Z", - "total": 574, - "sourceCount": 574, - "uniqueSlugs": 574, + "generatedAt": "2026-05-11T18:03:02.706Z", + "total": 583, + "sourceCount": 583, + "uniqueSlugs": 583, "byCategory": { "HR & People": 63, - "Security": 129, + "Security": 134, "Productivity": 120, - "Infrastructure": 32, + "Infrastructure": 33, "Communication": 47, "Monitoring": 56, "Cloud": 54, - "Development": 53, - "Identity & Access": 20 + "Development": 54, + "Identity & Access": 22 }, "integrations": [ { @@ -474,6 +474,15 @@ "syncSupported": false, "file": "integrations/better-stack.json" }, + { + "slug": "beyond-identity", + "name": "Beyond Identity", + "category": "Identity & Access", + "authType": "custom", + "checkCount": 3, + "syncSupported": true, + "file": "integrations/beyond-identity.json" + }, { "slug": "beyond-trust", "name": "BeyondTrust", @@ -726,6 +735,15 @@ "syncSupported": false, "file": "integrations/census.json" }, + { + "slug": "censys", + "name": "Censys", + "category": "Security", + "authType": "basic", + "checkCount": 3, + "syncSupported": false, + "file": "integrations/censys.json" + }, { "slug": "ceridian-dayforce", "name": "Ceridian Dayforce", @@ -1023,6 +1041,15 @@ "syncSupported": false, "file": "integrations/codefresh.json" }, + { + "slug": "coder", + "name": "Coder", + "category": "Development", + "authType": "custom", + "checkCount": 4, + "syncSupported": true, + "file": "integrations/coder.json" + }, { "slug": "cohere", "name": "Cohere", @@ -1063,9 +1090,9 @@ "slug": "confluence", "name": "Confluence", "category": "Productivity", - "authType": "custom", - "checkCount": 2, - "syncSupported": false, + "authType": "basic", + "checkCount": 3, + "syncSupported": true, "file": "integrations/confluence.json" }, { @@ -1437,6 +1464,15 @@ "syncSupported": false, "file": "integrations/dixa.json" }, + { + "slug": "dnsimple", + "name": "DNSimple", + "category": "Infrastructure", + "authType": "custom", + "checkCount": 3, + "syncSupported": false, + "file": "integrations/dnsimple.json" + }, { "slug": "docebo", "name": "Docebo", @@ -1591,22 +1627,22 @@ "file": "integrations/egnyte.json" }, { - "slug": "elastic", + "slug": "elastic-cloud", "name": "Elastic Cloud", - "category": "Monitoring", + "category": "Cloud", "authType": "custom", "checkCount": 2, "syncSupported": false, - "file": "integrations/elastic.json" + "file": "integrations/elastic-cloud.json" }, { - "slug": "elastic-cloud", + "slug": "elastic", "name": "Elastic Cloud", - "category": "Cloud", + "category": "Monitoring", "authType": "custom", "checkCount": 2, "syncSupported": false, - "file": "integrations/elastic-cloud.json" + "file": "integrations/elastic.json" }, { "slug": "employment-hero", @@ -1788,6 +1824,15 @@ "syncSupported": false, "file": "integrations/fortinet-fortigate.json" }, + { + "slug": "fossa", + "name": "FOSSA", + "category": "Security", + "authType": "api_key", + "checkCount": 3, + "syncSupported": false, + "file": "integrations/fossa.json" + }, { "slug": "frame-io", "name": "Frame.io", @@ -2122,22 +2167,22 @@ "file": "integrations/hexnode.json" }, { - "slug": "hibob", + "slug": "bob", "name": "HiBob", "category": "HR & People", - "authType": "custom", + "authType": "basic", "checkCount": 2, - "syncSupported": false, - "file": "integrations/hibob.json" + "syncSupported": true, + "file": "integrations/bob.json" }, { - "slug": "bob", + "slug": "hibob", "name": "HiBob", "category": "HR & People", - "authType": "basic", + "authType": "custom", "checkCount": 2, - "syncSupported": true, - "file": "integrations/bob.json" + "syncSupported": false, + "file": "integrations/hibob.json" }, { "slug": "highlight-io", @@ -2423,8 +2468,8 @@ "name": "JumpCloud", "category": "Identity & Access", "authType": "custom", - "checkCount": 3, - "syncSupported": false, + "checkCount": 4, + "syncSupported": true, "file": "integrations/jumpcloud.json" }, { @@ -2603,7 +2648,7 @@ "name": "LastPass Business", "category": "Security", "authType": "custom", - "checkCount": 3, + "checkCount": 4, "syncSupported": false, "file": "integrations/lastpass.json" }, @@ -2639,7 +2684,7 @@ "name": "Linear", "category": "Development", "authType": "custom", - "checkCount": 2, + "checkCount": 1, "syncSupported": false, "file": "integrations/linear.json" }, @@ -2698,22 +2743,22 @@ "file": "integrations/logrocket.json" }, { - "slug": "logzio", + "slug": "logz-io", "name": "Logz.io", "category": "Monitoring", "authType": "custom", - "checkCount": 2, + "checkCount": 3, "syncSupported": false, - "file": "integrations/logzio.json" + "file": "integrations/logz-io.json" }, { - "slug": "logz-io", + "slug": "logzio", "name": "Logz.io", "category": "Monitoring", "authType": "custom", - "checkCount": 3, + "checkCount": 2, "syncSupported": false, - "file": "integrations/logz-io.json" + "file": "integrations/logzio.json" }, { "slug": "looker", @@ -3022,22 +3067,22 @@ "file": "integrations/mixpanel.json" }, { - "slug": "monday", + "slug": "monday-com", "name": "Monday.com", "category": "Productivity", - "authType": "custom", - "checkCount": 2, + "authType": "api_key", + "checkCount": 3, "syncSupported": false, - "file": "integrations/monday.json" + "file": "integrations/monday-com.json" }, { - "slug": "monday-com", + "slug": "monday", "name": "Monday.com", "category": "Productivity", - "authType": "api_key", - "checkCount": 3, + "authType": "custom", + "checkCount": 2, "syncSupported": false, - "file": "integrations/monday-com.json" + "file": "integrations/monday.json" }, { "slug": "mongodb-atlas", @@ -3170,7 +3215,7 @@ "name": "NetSuite", "category": "Productivity", "authType": "custom", - "checkCount": 2, + "checkCount": 3, "syncSupported": true, "file": "integrations/netsuite.json" }, @@ -3300,6 +3345,15 @@ "syncSupported": false, "file": "integrations/onetrust.json" }, + { + "slug": "opal-security", + "name": "Opal Security", + "category": "Identity & Access", + "authType": "api_key", + "checkCount": 4, + "syncSupported": true, + "file": "integrations/opal-security.json" + }, { "slug": "openai", "name": "OpenAI", @@ -3957,6 +4011,15 @@ "syncSupported": false, "file": "integrations/rudderstack.json" }, + { + "slug": "safebase", + "name": "SafeBase", + "category": "Security", + "authType": "api_key", + "checkCount": 2, + "syncSupported": false, + "file": "integrations/safebase.json" + }, { "slug": "sage-accounting", "name": "Sage Accounting", @@ -4201,22 +4264,22 @@ "file": "integrations/smartsheet.json" }, { - "slug": "snipe-it", + "slug": "snipeit", "name": "Snipe-IT", "category": "Infrastructure", "authType": "custom", - "checkCount": 4, + "checkCount": 3, "syncSupported": false, - "file": "integrations/snipe-it.json" + "file": "integrations/snipeit.json" }, { - "slug": "snipeit", + "slug": "snipe-it", "name": "Snipe-IT", "category": "Infrastructure", "authType": "custom", - "checkCount": 3, + "checkCount": 4, "syncSupported": false, - "file": "integrations/snipeit.json" + "file": "integrations/snipe-it.json" }, { "slug": "snowflake", @@ -4255,22 +4318,22 @@ "file": "integrations/socket.json" }, { - "slug": "sonarqube-cloud", + "slug": "sonarcloud", "name": "SonarCloud", - "category": "Development", - "authType": "api_key", + "category": "Security", + "authType": "custom", "checkCount": 2, "syncSupported": false, - "file": "integrations/sonarqube-cloud.json" + "file": "integrations/sonarcloud.json" }, { - "slug": "sonarcloud", + "slug": "sonarqube-cloud", "name": "SonarCloud", - "category": "Security", - "authType": "custom", + "category": "Development", + "authType": "api_key", "checkCount": 2, "syncSupported": false, - "file": "integrations/sonarcloud.json" + "file": "integrations/sonarqube-cloud.json" }, { "slug": "sonarqube-server", @@ -4641,6 +4704,15 @@ "syncSupported": false, "file": "integrations/testrail.json" }, + { + "slug": "thinkst-canary", + "name": "Thinkst Canary", + "category": "Security", + "authType": "custom", + "checkCount": 4, + "syncSupported": false, + "file": "integrations/thinkst-canary.json" + }, { "slug": "threatdown", "name": "ThreatDown (Malwarebytes)", @@ -4839,6 +4911,15 @@ "syncSupported": false, "file": "integrations/updown.json" }, + { + "slug": "upguard", + "name": "UpGuard", + "category": "Security", + "authType": "api_key", + "checkCount": 2, + "syncSupported": false, + "file": "integrations/upguard.json" + }, { "slug": "upstash", "name": "Upstash", @@ -5131,7 +5212,7 @@ "slug": "zoho-crm", "name": "Zoho CRM", "category": "Productivity", - "authType": "custom", + "authType": "oauth2", "checkCount": 3, "syncSupported": true, "file": "integrations/zoho-crm.json" @@ -5140,7 +5221,7 @@ "slug": "zoho-people", "name": "Zoho People", "category": "HR & People", - "authType": "custom", + "authType": "oauth2", "checkCount": 2, "syncSupported": true, "file": "integrations/zoho-people.json" diff --git a/integrations-catalog/integrations/beyond-identity.json b/integrations-catalog/integrations/beyond-identity.json new file mode 100644 index 0000000000..5c8826c26f --- /dev/null +++ b/integrations-catalog/integrations/beyond-identity.json @@ -0,0 +1,79 @@ +{ + "slug": "beyond-identity", + "name": "Beyond Identity", + "description": "Monitor Beyond Identity for passwordless MFA enrollment, identity access management, and role-based access controls.", + "category": "Identity & Access", + "docsUrl": "https://developer.beyondidentity.com/api/v1", + "baseUrl": null, + "authConfig": { + "type": "custom", + "config": { + "setupInstructions": "Setup steps:\n\n1. Log in to your Beyond Identity Admin Console at https://console-us.beyondidentity.com (US) or https://console-eu.beyondidentity.com (EU)\n2. Navigate to your tenant and realm\n3. Go to Applications and find or create a Management API application\n4. Copy the Application ID, Client ID, and Client Secret\n5. Note your Tenant ID and Realm ID from the console URL or settings\n6. Select your region (US or EU)", + "credentialFields": [ + { + "label": "Tenant ID", + "type": "text", + "required": true + }, + { + "label": "Realm ID", + "type": "text", + "required": true + }, + { + "label": "Application ID", + "type": "text", + "required": true, + "helpText": "The Beyond Identity Management API application ID" + }, + { + "label": "Client ID", + "type": "text", + "required": true + }, + { + "label": "Client Secret", + "type": "password", + "required": true + }, + { + "label": "Region", + "type": "text", + "required": true, + "helpText": "US or EU (e.g. 'us' or 'eu')" + } + ] + } + }, + "capabilities": [ + "checks", + "sync" + ], + "supportsMultipleConnections": false, + "syncSupported": true, + "checks": [ + { + "slug": "beyond_identity_2fa", + "name": "Beyond Identity 2FA", + "description": "Verifies all identities have bound passwordless credentials (passkeys) for MFA authentication.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "beyond_identity_employee_access", + "name": "Beyond Identity Employee Access", + "description": "Verifies identities and groups are properly configured for employee access management.", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "beyond_identity_rbac", + "name": "Beyond Identity Role-Based Access Controls", + "description": "Verifies resource servers have roles defined for proper role-based access control.", + "defaultSeverity": "high", + "enabled": true + } + ], + "checkCount": 3, + "isActive": true +} diff --git a/integrations-catalog/integrations/bitbucket.json b/integrations-catalog/integrations/bitbucket.json index d316d7c8c5..e2a03dd2c1 100644 --- a/integrations-catalog/integrations/bitbucket.json +++ b/integrations-catalog/integrations/bitbucket.json @@ -8,19 +8,19 @@ "authConfig": { "type": "custom", "config": { - "setupInstructions": "1. Log in to Bitbucket\n2. Go to Personal Settings > App passwords\n3. Create an App Password with Repositories:Read and Account:Read permissions\n4. Enter your Bitbucket username and the App Password below", + "setupInstructions": "1. Go to https://id.atlassian.com/manage-profile/security/api-tokens\n2. Click \"Create API token with scopes\"\n3. Name the token, set an expiry date, and select Bitbucket as the app\n4. Assign Repositories: Read and User data: Read permissions\n5. Copy the token (it is only shown once)\n6. Enter your Atlassian account email and the API token below\n\nNote: Bitbucket App Passwords have been deprecated. Use API tokens instead.", "credentialFields": [ { - "label": "Bitbucket Username", + "label": "Atlassian Account Email", "type": "text", "required": true, - "helpText": "Your Bitbucket username (not email)" + "helpText": "Your Atlassian account email address (listed under Email Aliases in Bitbucket Personal Settings)" }, { - "label": "App Password", + "label": "API Token", "type": "password", "required": true, - "helpText": "Created in Bitbucket > Personal Settings > App passwords" + "helpText": "Created in Atlassian Account Settings > Security > API tokens" } ] } diff --git a/integrations-catalog/integrations/bitdefender-gravityzone.json b/integrations-catalog/integrations/bitdefender-gravityzone.json index f0078851b9..be5466bd73 100644 --- a/integrations-catalog/integrations/bitdefender-gravityzone.json +++ b/integrations-catalog/integrations/bitdefender-gravityzone.json @@ -8,7 +8,7 @@ "authConfig": { "type": "custom", "config": { - "setupInstructions": "1. Log into your Bitdefender GravityZone Control Center\n2. Click your username (top-right) and select My Account\n3. Go to the API keys section and click Add\n4. Select the APIs you need (Network, Policies, General, Quarantine) and click Generate\n5. Copy the API key and paste it here\n6. Select your region (Global or EU)", + "setupInstructions": "1. Log into your Bitdefender GravityZone Control Center\n2. Click your username (top-right) and select My Account\n3. Scroll to the API keys section and click Add\n4. Enter a description (e.g. \"Comp AI\")\n5. Under Enabled APIs, check ALL of the following:\n - Network API\n - Policies API\n - General API\n - Event Push Service API ← required for the Monitoring & Alerting check\n - Quarantine API\n6. Click Generate, then copy the key (it is only shown once)\n7. Paste the key here and select your region (Global or EU)", "credentialFields": [ { "label": "API Key", @@ -55,7 +55,7 @@ { "slug": "quarantine_management", "name": "Monitoring & Alerting", - "description": "Monitors quarantined threats for recent security incidents", + "description": "Verifies that the GravityZone Push Event Service is configured and active for security event monitoring", "defaultSeverity": "medium", "enabled": true }, diff --git a/integrations-catalog/integrations/censys.json b/integrations-catalog/integrations/censys.json new file mode 100644 index 0000000000..9b3aadfc94 --- /dev/null +++ b/integrations-catalog/integrations/censys.json @@ -0,0 +1,46 @@ +{ + "slug": "censys", + "name": "Censys", + "description": "Monitor internet-facing assets and attack surface with Censys Search. Verify infrastructure inventory, host monitoring, and account health for compliance.", + "category": "Security", + "docsUrl": "https://search.censys.io/api", + "baseUrl": "https://search.censys.io/api", + "authConfig": { + "type": "basic", + "config": { + "setupInstructions": "1. Log in to Censys at https://search.censys.io\n2. Go to Account > API (https://search.censys.io/account/api)\n3. Copy your API ID and API Secret\n4. Paste them below", + "usernameField": "api_id", + "passwordField": "api_secret" + } + }, + "capabilities": [ + "checks" + ], + "supportsMultipleConnections": false, + "syncSupported": false, + "checks": [ + { + "slug": "censys_monitoring_alerting", + "name": "Censys Monitoring and Alerting", + "description": "Verifies the Censys account is active and has remaining query allowance for continuous monitoring.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "censys_app_availability", + "name": "Censys App Availability", + "description": "Verifies that hosts are being monitored for the organization's domain via Censys Search.", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "censys_infrastructure_inventory", + "name": "Censys Infrastructure Inventory", + "description": "Verifies that infrastructure assets are tracked and inventoried in Censys for the organization's domain.", + "defaultSeverity": "medium", + "enabled": true + } + ], + "checkCount": 3, + "isActive": true +} diff --git a/integrations-catalog/integrations/coder.json b/integrations-catalog/integrations/coder.json new file mode 100644 index 0000000000..f6d4242c68 --- /dev/null +++ b/integrations-catalog/integrations/coder.json @@ -0,0 +1,66 @@ +{ + "slug": "coder", + "name": "Coder", + "description": "Coder provides self-hosted cloud development environments. This integration verifies employee access, audit logging, authentication methods, and employee status tracking.", + "category": "Development", + "docsUrl": "https://coder.com/docs/reference/api", + "baseUrl": null, + "authConfig": { + "type": "custom", + "config": { + "setupInstructions": "1. Log in to your Coder deployment\n2. Go to Settings > Tokens (or visit /cli-auth)\n3. Create a new token and copy it\n4. Enter your Coder instance URL and the token below", + "credentialFields": [ + { + "label": "Instance URL", + "type": "text", + "required": true, + "helpText": "Your Coder deployment URL, e.g. https://coder.company.com (no trailing slash)" + }, + { + "label": "Session Token", + "type": "password", + "required": true, + "helpText": "Generate at your-instance/cli-auth or Settings > Tokens" + } + ] + } + }, + "capabilities": [ + "checks", + "sync" + ], + "supportsMultipleConnections": false, + "syncSupported": true, + "checks": [ + { + "slug": "coder_employee_access", + "name": "Employee Access", + "description": "Lists all Coder users with their roles and status, verifying proper access management.", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "coder_access_review_log", + "name": "Access Review Log", + "description": "Verifies that audit logging is active in Coder with recent entries for access review.", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "coder_2fa", + "name": "2FA", + "description": "Verifies that external authentication (OIDC or GitHub SSO) is enabled, delegating 2FA to the identity provider.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "coder_employee_verification", + "name": "Employee Verification", + "description": "Verifies that all Coder users have proper status tracking (active, suspended, or dormant).", + "defaultSeverity": "medium", + "enabled": true + } + ], + "checkCount": 4, + "isActive": true +} diff --git a/integrations-catalog/integrations/confluence.json b/integrations-catalog/integrations/confluence.json index 2f90bce680..cf0429276e 100644 --- a/integrations-catalog/integrations/confluence.json +++ b/integrations-catalog/integrations/confluence.json @@ -1,59 +1,47 @@ { "slug": "confluence", "name": "Confluence", - "description": "Monitor Confluence spaces and user access for documentation and policy publishing compliance", + "description": "Monitor Confluence Cloud access controls, space permissions, and audit logging for compliance evidence. Syncs employee access from Confluence user groups.", "category": "Productivity", "docsUrl": "https://developer.atlassian.com/cloud/confluence/rest/v1/", - "baseUrl": "https://atlassian.net/", + "baseUrl": "https://example.atlassian.net", "authConfig": { - "type": "custom", + "type": "basic", "config": { - "setupInstructions": "1. Log in to your Atlassian account at id.atlassian.com\n2. Go to Security > API tokens (id.atlassian.com/manage-profile/security/api-tokens)\n3. Click 'Create API token', give it a name, and copy the token\n4. Enter the fields above:\n - Site Domain: your Atlassian site (e.g. yourcompany.atlassian.net)\n - Email: the email of the account that created the token\n - API Token: the token you just copied\n - Group Name (optional): leave empty for the default 'confluence-users' group, or enter your custom group name\n5. Tip: We recommend using an Atlassian service account rather than a personal account. Create one at admin.atlassian.com > Directory > Users", - "credentialFields": [ - { - "label": "Atlassian Site Domain", - "type": "text", - "required": true - }, - { - "label": "Email", - "type": "text", - "required": true - }, - { - "label": "API Token", - "type": "password", - "required": true - }, - { - "label": "Confluence Group Name", - "type": "text", - "required": false - } - ] + "setupInstructions": "1. Go to https://id.atlassian.com/manage-profile/security/api-tokens\n2. Click 'Create API token' and give it a name like 'CompAI'\n3. Copy the API token\n4. Enter your Atlassian account email and the API token below\n5. After connecting, enter your Atlassian site name (the part before .atlassian.net in your URL, e.g. 'mycompany' from mycompany.atlassian.net)", + "usernameField": "email", + "passwordField": "api_token" } }, "capabilities": [ - "checks" + "checks", + "sync" ], "supportsMultipleConnections": false, - "syncSupported": false, + "syncSupported": true, "checks": [ { - "slug": "spaces", - "name": "Publish Policies", - "description": "Verifies Confluence spaces exist for policy publishing", + "slug": "confluence_employee_access", + "name": "Employee Access", + "description": "Lists all users with access to Confluence for employee access review evidence", "defaultSeverity": "medium", "enabled": true }, { - "slug": "members", - "name": "Employee Access", - "description": "Reviews Confluence group members for employee access management", + "slug": "confluence_space_permissions", + "name": "Space Permissions Review", + "description": "Reviews Confluence space permissions and flags spaces with anonymous or public access enabled", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "confluence_audit_log", + "name": "Audit Logging", + "description": "Verifies that Confluence audit logging is active with recent entries", "defaultSeverity": "medium", "enabled": true } ], - "checkCount": 2, + "checkCount": 3, "isActive": true } diff --git a/integrations-catalog/integrations/dnsimple.json b/integrations-catalog/integrations/dnsimple.json new file mode 100644 index 0000000000..0184126106 --- /dev/null +++ b/integrations-catalog/integrations/dnsimple.json @@ -0,0 +1,58 @@ +{ + "slug": "dnsimple", + "name": "DNSimple", + "description": "DNSimple provides domain registration, DNS hosting, and SSL certificate management with a developer-friendly API.", + "category": "Infrastructure", + "docsUrl": "https://developer.dnsimple.com/v2/", + "baseUrl": "https://api.dnsimple.com/v2", + "authConfig": { + "type": "custom", + "config": { + "setupInstructions": "1. Log in to DNSimple at https://dnsimple.com\n2. Go to Account > Access Tokens\n3. Create a new account token or user token\n4. Copy the token value\n5. Find your Account ID in Account settings\n6. Enter both values above", + "credentialFields": [ + { + "label": "API Token", + "type": "text", + "required": true, + "helpText": "OAuth2 or account token from your DNSimple account settings." + }, + { + "label": "Account ID", + "type": "text", + "required": true, + "helpText": "Your DNSimple account ID (numeric). Find it at Settings > Account." + } + ] + } + }, + "capabilities": [ + "checks" + ], + "supportsMultipleConnections": false, + "syncSupported": false, + "checks": [ + { + "slug": "dnsimple_tls_https", + "name": "TLS / HTTPS", + "description": "Checks SSL/TLS certificates managed in DNSimple for expiration and validity status.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "dnsimple_encryption_at_rest", + "name": "Encryption at Rest", + "description": "Checks DNSSEC status for domains managed in DNSimple to ensure DNS query integrity.", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "dnsimple_app_availability", + "name": "App Availability", + "description": "Checks domain registration status and expiration dates to ensure continuity of service.", + "defaultSeverity": "high", + "enabled": true + } + ], + "checkCount": 3, + "isActive": true +} diff --git a/integrations-catalog/integrations/firebase.json b/integrations-catalog/integrations/firebase.json index f4931de747..b34c47e68d 100644 --- a/integrations-catalog/integrations/firebase.json +++ b/integrations-catalog/integrations/firebase.json @@ -8,7 +8,7 @@ "authConfig": { "type": "oauth2", "config": { - "setupInstructions": "Use your existing Google OAuth app or create one at Google Cloud Console > APIs & Credentials. Enable the Identity Toolkit API and Firebase Rules API. Add scopes: identitytoolkit and firebase.readonly.", + "setupInstructions": "1. Go to Google Cloud Console > APIs & Credentials for your Firebase project\n2. Enable these two APIs:\n - Identity Toolkit API: https://console.developers.google.com/apis/api/identitytoolkit.googleapis.com/overview\n - Firebase Rules API: https://console.developers.google.com/apis/api/firebaserules.googleapis.com/overview\n3. Make sure both APIs are enabled on the SAME project where your Firebase app lives\n4. Use your existing Google OAuth app or create one with scopes: identitytoolkit and firebase.readonly\n5. Enter your Firebase Project ID when connecting (found in Firebase Console > Project Settings)\n\n─────────────────────────────────────────\nIMPORTANT — Account permissions\n\nThe Google account you sign in with must have at least the \"Firebase Viewer\" role (roles/firebase.viewer) on the Firebase project you want to monitor. Owners and Editors already have it by default.\n\nIf your account does not, ask a project admin to grant it:\n1. Open https://console.developers.google.com/iam-admin/iam?project=YOUR_PROJECT_ID\n2. Click \"+ Grant Access\" (or pencil-edit your existing entry)\n3. Add role: \"Firebase Viewer\"\n4. Save and wait ~1 minute for propagation\n\nThen come back here and click Connect. If a check fails with \"The caller does not have permission\", this is almost always the fix.\n─────────────────────────────────────────", "createAppUrl": "https://console.cloud.google.com/apis/credentials", "scopes": [ "https://www.googleapis.com/auth/identitytoolkit", diff --git a/integrations-catalog/integrations/fossa.json b/integrations-catalog/integrations/fossa.json new file mode 100644 index 0000000000..38978426fb --- /dev/null +++ b/integrations-catalog/integrations/fossa.json @@ -0,0 +1,44 @@ +{ + "slug": "fossa", + "name": "FOSSA", + "description": "Monitor FOSSA open source license compliance and vulnerability scanning for project security and policy enforcement", + "category": "Security", + "docsUrl": "https://docs.fossa.com/docs/api-reference", + "baseUrl": "https://app.fossa.com", + "authConfig": { + "type": "api_key", + "config": { + "setupInstructions": "1. Log in to FOSSA at https://app.fossa.com\n2. Go to Settings > API Tokens (or Account Settings > API)\n3. Click 'Generate Token' or 'Add Token'\n4. Copy the generated token and paste it below" + } + }, + "capabilities": [ + "checks" + ], + "supportsMultipleConnections": false, + "syncSupported": false, + "checks": [ + { + "slug": "fossa_secure_code", + "name": "Secure Code - Project Scanning", + "description": "Verifies that projects are actively being scanned by FOSSA and have recent analysis results", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "fossa_sanitized_inputs", + "name": "Sanitized Inputs - License Compliance Policies", + "description": "Verifies that FOSSA license compliance policies are configured to enforce approved open source usage", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "fossa_publish_policies", + "name": "Publish Policies - Open Source Usage Policies", + "description": "Verifies that open source usage policies exist in FOSSA to govern how open source components are used across projects", + "defaultSeverity": "medium", + "enabled": true + } + ], + "checkCount": 3, + "isActive": true +} diff --git a/integrations-catalog/integrations/hubspot.json b/integrations-catalog/integrations/hubspot.json index 096b1d4f18..a3dadb1cc7 100644 --- a/integrations-catalog/integrations/hubspot.json +++ b/integrations-catalog/integrations/hubspot.json @@ -8,13 +8,13 @@ "authConfig": { "type": "custom", "config": { - "setupInstructions": "1. Log in to HubSpot\n2. Go to Settings > Integrations > Private Apps\n3. Create a new private app\n4. Add scopes: settings.users.read, crm.objects.owners.read\n5. Copy and paste the access token below", + "setupInstructions": "1. Log in to HubSpot as a Super Admin\n2. Go to Development (left sidebar)\n3. Click Keys > Service keys\n4. Click \"Create service key\" in the top right\n5. Name your key (e.g. \"CompAI\")\n6. Click \"Add new scope\" and select: settings.users.read, crm.objects.owners.read\n7. Click Update, then Create\n8. Copy the service key and paste it below\n\nNote: If you still see Private Apps instead of Service Keys, go to Development > Legacy apps and create a legacy private app with the same scopes.", "credentialFields": [ { - "label": "Private App Token", + "label": "Service Key", "type": "password", "required": true, - "helpText": "Create a Private App in HubSpot > Settings > Integrations > Private Apps" + "helpText": "Create a Service Key in HubSpot > Development > Keys > Service keys" } ] } diff --git a/integrations-catalog/integrations/infisical.json b/integrations-catalog/integrations/infisical.json index 2fc8fd91dc..90cddab85e 100644 --- a/integrations-catalog/integrations/infisical.json +++ b/integrations-catalog/integrations/infisical.json @@ -4,11 +4,11 @@ "description": "Monitor Infisical secrets management workspaces and member access for secrets hygiene compliance", "category": "Security", "docsUrl": "https://infisical.com/docs/api-reference/overview/introduction", - "baseUrl": "https://app.infisical.com/", + "baseUrl": "https://app.infisical.com", "authConfig": { "type": "api_key", "config": { - "setupInstructions": "1. In Infisical, go to Organization Settings > Access Control > Identities\n2. Create a Machine Identity with the 'Member' role\n3. Under Authentication, configure Universal Auth\n4. Note the Client ID and Client Secret\n5. Obtain an access token: POST https://app.infisical.com/api/v1/auth/universal-auth/login with clientId and clientSecret\n6. Paste the access token below\n\nNote: Access tokens expire (default 30 days). You may need to refresh periodically." + "setupInstructions": "1. Create a Machine Identity in Infisical (Org Settings > Access Control > Identities)\n2. Assign the 'Member' role (or a custom role with project read access)\n3. Configure authentication - choose ONE:\n\n Option A (Token Auth - simplest):\n - On the identity page, switch auth to Token Auth\n - Create an access token directly in the UI\n - Copy and paste it below\n\n Option B (Universal Auth):\n - Configure Universal Auth on the identity\n - Note the Client ID and Client Secret\n - Exchange them for an access token: POST https://app.infisical.com/api/v1/auth/universal-auth/login\n - Paste the access token below\n\nIMPORTANT: Service tokens will NOT work. You must use a Machine Identity.\nNote: Access tokens expire (default 30 days). You may need to refresh periodically." } }, "capabilities": [ diff --git a/integrations-catalog/integrations/jira.json b/integrations-catalog/integrations/jira.json index e5961cc958..955b6a2fe9 100644 --- a/integrations-catalog/integrations/jira.json +++ b/integrations-catalog/integrations/jira.json @@ -8,7 +8,7 @@ "authConfig": { "type": "custom", "config": { - "setupInstructions": "1. Go to https://id.atlassian.com/manage-profile/security/api-tokens\n2. Create an API token\n3. Enter your Atlassian email and the API token below, along with your Jira subdomain in each check", + "setupInstructions": "1. Go to https://id.atlassian.com/manage-profile/security/api-tokens\n2. Click \"Create API token\" (not \"Create API token with scopes\")\n3. Name the token and set an expiry date, then copy it\n4. Enter your Atlassian account email and the token below\n5. Enter your Jira subdomain in each check (e.g. mycompany from mycompany.atlassian.net)\n\nImportant: Use an API token WITHOUT scopes (classic token). Scoped API tokens require a different API URL that is not currently supported. If you see empty results or errors, verify you created a token without scopes.", "credentialFields": [ { "label": "Email Address", diff --git a/integrations-catalog/integrations/jumpcloud.json b/integrations-catalog/integrations/jumpcloud.json index a975d90206..fb86e320d4 100644 --- a/integrations-catalog/integrations/jumpcloud.json +++ b/integrations-catalog/integrations/jumpcloud.json @@ -8,7 +8,7 @@ "authConfig": { "type": "custom", "config": { - "setupInstructions": "1. Log in to JumpCloud Admin Console\n2. Click your user icon > API Settings\n3. Copy your API key\n4. Paste it below", + "setupInstructions": "1. Log in to JumpCloud Admin Console\n2. Click your account name (bottom-left) and select 'My API Key'\n3. Note: API access must be enabled by an Admin with Billing role. If you see 'You don't have permission', contact your Billing Admin.\n4. Click 'Generate New API Key' if needed\n5. Copy the API key and paste it below", "credentialFields": [ { "label": "API Key", @@ -20,10 +20,11 @@ } }, "capabilities": [ - "checks" + "checks", + "sync" ], "supportsMultipleConnections": false, - "syncSupported": false, + "syncSupported": true, "checks": [ { "slug": "user_access", @@ -42,11 +43,18 @@ { "slug": "systems", "name": "Secure Devices", - "description": "Lists JumpCloud managed systems for device compliance", + "description": "Verifies all JumpCloud-managed devices have full disk encryption enabled and reports OS version", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "os_patching", + "name": "OS Version & Patching", + "description": "Verifies OS versions across managed devices and lists applied patches (Windows). Requires JumpCloud System Insights to be enabled.", "defaultSeverity": "medium", "enabled": true } ], - "checkCount": 3, + "checkCount": 4, "isActive": true } diff --git a/integrations-catalog/integrations/lastpass.json b/integrations-catalog/integrations/lastpass.json index a0b0db51c5..23adfd1f36 100644 --- a/integrations-catalog/integrations/lastpass.json +++ b/integrations-catalog/integrations/lastpass.json @@ -51,8 +51,15 @@ "description": "Reviews LastPass Business user groups and admin roles to verify role-based access controls are in place", "defaultSeverity": "medium", "enabled": true + }, + { + "slug": "lastpass_secure_secrets", + "name": "Secure Secrets", + "description": "Reviews LastPass shared folders to verify secrets are managed securely with appropriate access controls and sharing policies", + "defaultSeverity": "medium", + "enabled": true } ], - "checkCount": 3, + "checkCount": 4, "isActive": true } diff --git a/integrations-catalog/integrations/linear.json b/integrations-catalog/integrations/linear.json index 2e47594e85..d68f677360 100644 --- a/integrations-catalog/integrations/linear.json +++ b/integrations-catalog/integrations/linear.json @@ -8,13 +8,13 @@ "authConfig": { "type": "custom", "config": { - "setupInstructions": "1. Log in to Linear\n2. Go to Settings → API\n3. Create a Personal API key\n4. Paste it below", + "setupInstructions": "1. Log in to Linear\n2. Go to Settings > Account > Security & Access (or visit https://linear.app/settings/account/security)\n3. Under Personal API keys, click Create key\n4. Paste the key below", "credentialFields": [ { "label": "API Key", "type": "password", "required": true, - "helpText": "Linear → Settings → API → Personal API keys → Create key" + "helpText": "Linear > Settings > Account > Security & Access > Personal API keys > Create key" } ] } @@ -31,15 +31,8 @@ "description": "Verifies Linear is connected and lists workspace members", "defaultSeverity": "medium", "enabled": true - }, - { - "slug": "linear_app_availability", - "name": "App Availability", - "description": "Verifies Linear platform is operational", - "defaultSeverity": "medium", - "enabled": true } ], - "checkCount": 2, + "checkCount": 1, "isActive": true } diff --git a/integrations-catalog/integrations/netsuite.json b/integrations-catalog/integrations/netsuite.json index af97c110b3..19d816172c 100644 --- a/integrations-catalog/integrations/netsuite.json +++ b/integrations-catalog/integrations/netsuite.json @@ -62,8 +62,15 @@ "description": "Lists all roles defined in NetSuite via SuiteQL to verify that role-based access controls are properly configured.", "defaultSeverity": "medium", "enabled": true + }, + { + "slug": "netsuite_2fa", + "name": "2FA", + "description": "Verifies that two-factor authentication is enforced for NetSuite users with login access, checking both company preferences and role-level 2FA requirements", + "defaultSeverity": "medium", + "enabled": true } ], - "checkCount": 2, + "checkCount": 3, "isActive": true } diff --git a/integrations-catalog/integrations/opal-security.json b/integrations-catalog/integrations/opal-security.json new file mode 100644 index 0000000000..49864f5595 --- /dev/null +++ b/integrations-catalog/integrations/opal-security.json @@ -0,0 +1,52 @@ +{ + "slug": "opal-security", + "name": "Opal Security", + "description": "Monitor Opal Security access governance including employee access management, access reviews, role-based access controls, and employee verification for compliance", + "category": "Identity & Access", + "docsUrl": "https://docs.opal.dev/reference", + "baseUrl": "https://api.opal.dev/v1", + "authConfig": { + "type": "api_key", + "config": { + "setupInstructions": "1. Log in to Opal Security at https://app.opal.dev\n2. Navigate to Settings > API Tokens\n3. Click 'Create Token'\n4. Give the token a descriptive name (e.g., 'CompAI Integration')\n5. Copy the generated API token\n6. Paste the token in the field below\n\nThe token needs read access to users, resources, groups, and access reviews." + } + }, + "capabilities": [ + "checks", + "sync" + ], + "supportsMultipleConnections": false, + "syncSupported": true, + "checks": [ + { + "slug": "opal_employee_access", + "name": "Employee Access", + "description": "Reviews Opal Security users to verify employee access management and HR IDP status tracking", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "opal_access_review_log", + "name": "Access Review Log", + "description": "Verifies that user access reviews (UARs) are configured with deadlines in Opal Security", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "opal_rbac", + "name": "Role-based Access Controls", + "description": "Verifies that resources and groups are configured in Opal Security for role-based access control", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "opal_employee_verification", + "name": "Employee Verification", + "description": "Verifies that HR IDP status is tracked for all users in Opal Security for employee lifecycle management", + "defaultSeverity": "medium", + "enabled": true + } + ], + "checkCount": 4, + "isActive": true +} diff --git a/integrations-catalog/integrations/safebase.json b/integrations-catalog/integrations/safebase.json new file mode 100644 index 0000000000..a59561cba4 --- /dev/null +++ b/integrations-catalog/integrations/safebase.json @@ -0,0 +1,37 @@ +{ + "slug": "safebase", + "name": "SafeBase", + "description": "SafeBase is a trust center platform that automates security reviews, manages NDAs, and centralizes compliance documentation for customers.", + "category": "Security", + "docsUrl": "https://docs.safebase.io/reference/", + "baseUrl": "https://app.safebase.io/api/ext/v1/rest", + "authConfig": { + "type": "api_key", + "config": { + "setupInstructions": "1. Log in to your SafeBase admin dashboard\n2. Navigate to Settings > API\n3. Generate a new API key\n4. Copy the key and enter it above" + } + }, + "capabilities": [ + "checks" + ], + "supportsMultipleConnections": false, + "syncSupported": false, + "checks": [ + { + "slug": "safebase_public_policies", + "name": "Public Policies", + "description": "Verifies that your SafeBase trust center has active accounts configured for customer-facing security documentation.", + "defaultSeverity": "medium", + "enabled": true + }, + { + "slug": "safebase_contact_information", + "name": "Contact Information", + "description": "Verifies that the SafeBase trust center API is accessible and the organization account is properly configured.", + "defaultSeverity": "medium", + "enabled": true + } + ], + "checkCount": 2, + "isActive": true +} diff --git a/integrations-catalog/integrations/thinkst-canary.json b/integrations-catalog/integrations/thinkst-canary.json new file mode 100644 index 0000000000..3ed0444b7e --- /dev/null +++ b/integrations-catalog/integrations/thinkst-canary.json @@ -0,0 +1,65 @@ +{ + "slug": "thinkst-canary", + "name": "Thinkst Canary", + "description": "Thinkst Canary provides deception-based intrusion detection using canaries (honeypots) and canarytokens deployed across your network.", + "category": "Security", + "docsUrl": "https://docs.canary.tools/", + "baseUrl": "https://placeholder.canary.tools", + "authConfig": { + "type": "custom", + "config": { + "setupInstructions": "1. Log in to your Canary Console at https://.canary.tools\n2. Go to Settings (gear icon) and click the API tab\n3. Create a new API key with at least Read-Only role\n4. Copy the auth_token and your console domain hash\n5. Enter both values in the fields above", + "credentialFields": [ + { + "label": "Console Domain Hash", + "type": "text", + "required": true, + "helpText": "Your unique console hash (e.g. abc123def). Found in your console URL: https://.canary.tools" + }, + { + "label": "API Auth Token", + "type": "text", + "required": true, + "helpText": "API key from your console Settings > API section." + } + ] + } + }, + "capabilities": [ + "checks" + ], + "supportsMultipleConnections": false, + "syncSupported": false, + "checks": [ + { + "slug": "thinkst_canary_device_list", + "name": "Device List", + "description": "Verifies that Canary Birds (honeypots) are deployed and checks their online/offline status across the network.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "thinkst_canary_incident_response", + "name": "Incident Response", + "description": "Checks for unacknowledged incidents on the Canary console to ensure timely incident response.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "thinkst_canary_2fa", + "name": "2FA", + "description": "Checks that all Canary console users have two-factor authentication (TOTP) enabled.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "thinkst_canary_monitoring_alerting", + "name": "Monitoring & Alerting", + "description": "Verifies that alert notifications (email, SMS, webhook, or Slack) are configured on the Canary console.", + "defaultSeverity": "medium", + "enabled": true + } + ], + "checkCount": 4, + "isActive": true +} diff --git a/integrations-catalog/integrations/upguard.json b/integrations-catalog/integrations/upguard.json new file mode 100644 index 0000000000..8362e390fa --- /dev/null +++ b/integrations-catalog/integrations/upguard.json @@ -0,0 +1,37 @@ +{ + "slug": "upguard", + "name": "UpGuard", + "description": "UpGuard provides vendor risk management and external attack surface monitoring with automated security ratings and risk detection.", + "category": "Security", + "docsUrl": "https://cyber-risk.upguard.com/api/docs", + "baseUrl": "https://cyber-risk.upguard.com/api/public", + "authConfig": { + "type": "api_key", + "config": { + "setupInstructions": "1. Log in to UpGuard at https://cyber-risk.upguard.com\n2. Click the Settings icon (top-right)\n3. Go to the API tab\n4. Create a new API key or copy your existing one\n5. Enter the API key above (no prefix needed)" + } + }, + "capabilities": [ + "checks" + ], + "supportsMultipleConnections": false, + "syncSupported": false, + "checks": [ + { + "slug": "upguard_monitoring_alerting", + "name": "Monitoring & Alerting", + "description": "Checks vendor risk scores in UpGuard to identify third-party vendors with low security ratings.", + "defaultSeverity": "high", + "enabled": true + }, + { + "slug": "upguard_incident_response", + "name": "Incident Response", + "description": "Checks for active security risks detected by UpGuard for your organization's external attack surface.", + "defaultSeverity": "high", + "enabled": true + } + ], + "checkCount": 2, + "isActive": true +} diff --git a/integrations-catalog/integrations/vercel.json b/integrations-catalog/integrations/vercel.json index b94f68039d..debab76bfc 100644 --- a/integrations-catalog/integrations/vercel.json +++ b/integrations-catalog/integrations/vercel.json @@ -7,7 +7,9 @@ "baseUrl": "https://api.vercel.com/", "authConfig": { "type": "api_key", - "config": {} + "config": { + "setupInstructions": "Connect your Vercel account so Comp AI can monitor deployments and project health.\n\nStep 1 — Create a Vercel API token\n1. Go to https://vercel.com/account/tokens\n2. Click \"Create Token\"\n3. Give it a name like \"Comp AI\"\n4. Set \"Scope\" to your team (or your personal account)\n5. **IMPORTANT — set \"Expiration\" to \"No Expiration\"** so you never have to reconnect\n6. Click Create and copy the token immediately (you can't view it again)\n\nStep 2 — Paste the token below\n\nNote: As long as you keep \"No Expiration\" and don't delete the token in Vercel, this connection is permanent. If you ever rotate or delete the token in Vercel, you'll need to paste a new one here." + } }, "capabilities": [ "checks" @@ -23,9 +25,9 @@ "enabled": true }, { - "slug": "vercel_separation_of_envs", - "name": "Separation of Environments", - "description": "Verifies Vercel projects have environment variables configured per environment", + "slug": "vercel_monitoring_alerting", + "name": "Monitoring & Alerting Review", + "description": "Verify Vercel monitoring is capturing deployment failures and recent activity", "defaultSeverity": "medium", "enabled": true } diff --git a/integrations-catalog/integrations/zoho-crm.json b/integrations-catalog/integrations/zoho-crm.json index eb46fb3c03..c86702f96f 100644 --- a/integrations-catalog/integrations/zoho-crm.json +++ b/integrations-catalog/integrations/zoho-crm.json @@ -6,23 +6,16 @@ "docsUrl": "https://www.zoho.com/crm/developer/docs/api/v7/", "baseUrl": "https://www.zohoapis.com", "authConfig": { - "type": "custom", + "type": "oauth2", "config": { - "setupInstructions": "1. Go to Zoho API Console at https://api-console.zoho.com\n2. Create a Self Client application\n3. Generate a token with scopes: ZohoCRM.users.READ, ZohoCRM.settings.READ, ZohoCRM.org.READ\n4. Paste the access token below\n5. If your Zoho account is not in the US region, enter your data center domain (e.g. www.zohoapis.eu for EU)\n\nNote: For long-term use, set up OAuth2 refresh tokens via Zoho API Console.", - "credentialFields": [ - { - "label": "OAuth Access Token", - "type": "password", - "required": true, - "helpText": "Generate from Zoho API Console (https://api-console.zoho.com). Create a Self Client, generate token with scopes: ZohoCRM.users.READ, ZohoCRM.settings.READ, ZohoCRM.org.READ." - }, - { - "label": "Zoho Data Center Region", - "type": "text", - "required": false, - "helpText": "Your Zoho data center domain. Examples: www.zohoapis.com (US), www.zohoapis.eu (EU), www.zohoapis.in (IN), www.zohoapis.com.au (AU), www.zohoapis.jp (JP), www.zohoapis.com.cn (CN)." - } - ] + "setupInstructions": "Connect your Zoho CRM account so Comp AI can monitor user access, roles, and organization settings.\n\nWhen you click \"Connect\":\n1. You will be redirected to Zoho\n2. Sign in with the Zoho account that has access to your CRM\n3. Authorize the requested read-only permissions\n4. You will be redirected back here, ready to use\n\nAfter connection, tokens auto-refresh — you will not need to reconnect periodically.\n\nNote: Currently optimized for the Zoho US data center. If your Zoho account is in EU/India/Australia/etc., contact support — multi-region support is in progress.", + "scopes": [ + "ZohoCRM.users.READ", + "ZohoCRM.settings.READ", + "ZohoCRM.org.READ" + ], + "clientAuthMethod": "body", + "supportsRefreshToken": true } }, "capabilities": [ diff --git a/integrations-catalog/integrations/zoho-people.json b/integrations-catalog/integrations/zoho-people.json index e1f0fa5496..8654d18bfa 100644 --- a/integrations-catalog/integrations/zoho-people.json +++ b/integrations-catalog/integrations/zoho-people.json @@ -6,17 +6,14 @@ "docsUrl": "https://www.zoho.com/people/api/", "baseUrl": "https://people.zoho.com", "authConfig": { - "type": "custom", + "type": "oauth2", "config": { - "setupInstructions": "1. Go to Zoho API Console at https://api-console.zoho.com\n2. Create a Self Client application\n3. Generate a token with scope: ZOHOPEOPLE.forms.ALL\n4. Paste the access token below\n\nNote: Tokens expire. For long-term use, set up OAuth2 refresh tokens.", - "credentialFields": [ - { - "label": "OAuth Access Token", - "type": "password", - "required": true, - "helpText": "Generate from Zoho API Console (https://api-console.zoho.com). Create a Self Client, generate token with scope: ZOHOPEOPLE.forms.ALL." - } - ] + "setupInstructions": "Connect your Zoho People account so Comp AI can verify access and sync employee records.\n\nWhen you click \"Connect\":\n1. You will be redirected to Zoho\n2. Sign in with the Zoho account that has access to your People app\n3. Authorize the requested permission (read employee data)\n4. You will be redirected back here, ready to use\n\nAfter connection, tokens auto-refresh — you will not need to reconnect periodically.\n\nNote: Currently optimized for the Zoho US data center (.com). If your Zoho account is in EU/India/Australia/etc., contact support — multi-region support is in progress.", + "scopes": [ + "ZohoPeople.forms.ALL" + ], + "clientAuthMethod": "body", + "supportsRefreshToken": true } }, "capabilities": [ diff --git a/packages/docs/openapi.json b/packages/docs/openapi.json index 810527817f..b38d01aef5 100644 --- a/packages/docs/openapi.json +++ b/packages/docs/openapi.json @@ -20686,6 +20686,14 @@ "schema": { "type": "string" } + }, + { + "name": "formType", + "required": true, + "in": "path", + "schema": { + "type": "string" + } } ], "responses": {