Integrations

Connect TigerGate with your existing security, compliance, and DevOps tools

Compliance Platforms

Automatically sync TigerGate findings and compliance evidence to your GRC platform.

Vanta Integration

Push real-time compliance evidence from TigerGate scanners to Vanta for automated SOC 2, ISO 27001, and HIPAA compliance.

Setup Steps:

  1. In Vanta, go to Integrations → API Integrations → Create API Token
  2. In TigerGate, navigate to Settings → Integrations → Vanta
  3. Enter your Vanta API token and click Connect
  4. Select which scan results to sync (Cloud, Code, Runtime)

Synced Data:

  • Cloud security findings (CSPM)
  • Vulnerability scan results
  • Runtime compliance evidence
  • Control mapping status

Drata Integration

Connect TigerGate to Drata for continuous compliance monitoring and evidence collection.

Setup Steps:

  1. In Drata, navigate to Connections → Add Connection
  2. Search for "TigerGate" and click Connect
  3. Authorize TigerGate access via OAuth
  4. Map TigerGate controls to your compliance frameworks

Source Control

Connect your repositories for automated code scanning on every push and pull request.

GitHub Integration

Install the TigerGate GitHub App for automated PR checks and repository scanning.

Features:

  • Automatic scans on push and PR
  • PR comments with findings
  • Status checks for blocking merges
  • SARIF upload to Security tab

GitLab Integration

Connect GitLab via personal access token or group-level integration.

  1. Create a GitLab personal access token with read_api and read_repository scopes
  2. In TigerGate, go to Settings → Integrations → GitLab
  3. Enter your GitLab URL and access token
  4. Select projects to scan

Bitbucket Integration

Connect Bitbucket Cloud or Server for repository scanning.

  1. Create an App Password in Bitbucket with repository read permissions
  2. In TigerGate, go to Settings → Integrations → Bitbucket
  3. Enter your workspace, username, and app password

Notifications

Get alerts for critical findings, scan completions, and compliance violations.

Slack

Send findings and alerts to Slack channels.

  1. Click "Add to Slack" in TigerGate Settings → Notifications
  2. Select a channel for alerts
  3. Configure notification triggers (critical findings, scan complete, etc.)

PagerDuty

Create incidents for critical security findings.

  1. Create a TigerGate service in PagerDuty
  2. Copy the integration key
  3. Enter the key in TigerGate Settings → Notifications → PagerDuty

Webhooks

Send events to any HTTP endpoint for custom integrations.

{
  "event": "scan.completed",
  "scan_id": "scan-uuid",
  "findings": {
    "critical": 0,
    "high": 3,
    "medium": 12,
    "low": 8
  },
  "timestamp": "2025-01-15T10:30:00Z"
}
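
A receiving endpoint should validate this payload before acting on it. The following is an added example, not TigerGate code: it assumes only the fields shown in the sample above, and the size limit, freshness window and `should_block` helper (whose `fail_on` string mirrors the `fail-on` option in the GitHub Actions example) are hypothetical choices. Sender authentication is not covered, since this page does not document a signing scheme.

```python
import json
from datetime import datetime, timedelta, timezone

SEVERITIES = ("critical", "high", "medium", "low")  # keys in the sample payload
MAX_BODY = 16 * 1024             # assumed upper bound on body size
MAX_AGE = timedelta(minutes=5)   # assumed freshness window against replays

# Constructed sample: the payload shown above, as raw request bytes.
SAMPLE = (b'{"event": "scan.completed", "scan_id": "scan-uuid", '
          b'"findings": {"critical": 0, "high": 3, "medium": 12, "low": 8}, '
          b'"timestamp": "2025-01-15T10:30:00Z"}')

def parse_scan_completed(body: bytes, now: datetime) -> dict:
    """Validate a scan.completed body; raise ValueError on anything unexpected."""
    if len(body) > MAX_BODY:
        raise ValueError("body too large")
    doc = json.loads(body)  # JSONDecodeError is a ValueError
    if not isinstance(doc, dict) or doc.get("event") != "scan.completed":
        raise ValueError("unexpected event")
    scan_id, findings, ts = doc.get("scan_id"), doc.get("findings"), doc.get("timestamp")
    if not isinstance(scan_id, str) or not scan_id:
        raise ValueError("missing scan_id")
    if not isinstance(findings, dict) or not isinstance(ts, str):
        raise ValueError("missing findings or timestamp")
    counts = {}
    for sev in SEVERITIES:
        n = findings.get(sev)
        # bool is an int subclass in Python, so exclude it explicitly
        if isinstance(n, bool) or not isinstance(n, int) or n < 0:
            raise ValueError(f"bad count for {sev}")
        counts[sev] = n
    when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    if abs(now - when) > MAX_AGE:
        raise ValueError("timestamp outside freshness window")
    return {"scan_id": scan_id, "counts": counts, "timestamp": when}

def should_block(counts: dict, fail_on: str = "critical,high") -> bool:
    """True if any severity named in fail_on has a non-zero count."""
    levels = [s.strip() for s in fail_on.split(",") if s.strip()]
    if not levels or set(levels) - set(SEVERITIES):
        raise ValueError("unknown severity in fail_on")
    return any(counts[s] > 0 for s in levels)

if __name__ == "__main__":
    event = parse_scan_completed(SAMPLE, datetime(2025, 1, 15, 10, 31, tzinfo=timezone.utc))
    print(event["scan_id"], event["counts"], should_block(event["counts"]))
```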

CI/CD Pipelines

Integrate security scanning into your build pipelines.

GitHub Actions

name: Security Scan
on: [push, pull_request]

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: tigergate/scan-action@v1
        with:
          token: ${{ secrets.TIGERGATE_TOKEN }}
          fail-on: critical,high

GitLab CI

security_scan:
  image: tigergate/scanner:latest
  script:
    # Quote the variable so the token is passed as a single argument
    - tigergate scan --token "$TIGERGATE_TOKEN"
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
