Technical Integrations

Automate evidence collection and keep an eye on security across your business with our integrations

Explore the Carbide Platform
Integrations We Support

Integrations to speed your path to compliance

Security doesn’t happen on paper – it’s embedded in the infrastructure you use, the policies you follow, and the applications that power your business.

So when it comes to proving how you’re living up to your security promises, you need an automated way to track and demonstrate how your security controls are being implemented.

How do we do it?

We’ve partnered with Workato, the leader in enterprise automation, to ensure our technical integrations meet our high quality and security standards.

We’ve enabled some of the most common integrations needed, but if you don’t see something you need below, let us know — Workato has more than 1000 integrations we can prioritize.

Cloud Services

Through our integrations with different cloud service providers, we capture critical components of your security posture related to multi-factor authentication status, password complexity requirements, active user and admin lists, groups, and roles.

Amazon Web Services
Microsoft Azure
Google Cloud Platform
Heroku <i data-lazy-src=
Amazon Web Services

Our integration with AWS captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2)
  • NIST SP 800.171 (3.1.1, 3.5.2, 3.5.3, 3.5.4, 3.5.7, 3.5.8, 3.5.9, 3.7.5, 3.13.16, 3.12.4)
  • PCI DSS V3.2 (1.7.2, 1.8.3, 1.8.7)
  • SOC 2 (CC6.1, CC6.2-A1, CC6.2-B, CC6.3, CC8.1)
Amazon Web Services
Microsoft Azure

Our integration with Microsoft Azure captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2)
  • NIST SP 800.171 (3.1.1, 3.5.2, 3.5.3, 3.5.4, 3.5.7, 3.5.8, 3.5.9, 3.7.5, 3.13.16, 3.12.4)
  • PCI DSS V3.2 (1.7.2, 1.8.3, 1.8.7)
  • SOC 2 (CC6.1, CC6.2-A1, CC6.2-B, CC6.3, CC8.1)
Microsoft Azure
Google Cloud Platform

Our integration with Google Cloud Platform captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2)
  • NIST SP 800.171 (3.1.1, 3.5.2, 3.5.3, 3.5.4, 3.5.7, 3.5.8, 3.5.9, 3.7.5, 3.13.16, 3.12.4)
  • PCI DSS V3.2 (1.7.2, 1.8.3, 1.8.7)
  • SOC 2 (CC6.1, CC6.2-A1, CC6.2-B, CC6.3, CC8.1)
Google Cloud Platform
Heroku (Coming Soon)

Our integration with Heroku captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2)
  • NIST SP 800.171 (3.1.1, 3.5.2, 3.5.3, 3.5.4, 3.5.7, 3.5.8, 3.5.9, 3.7.5, 3.13.16, 3.12.4)
  • PCI DSS V3.2 (1.7.2, 1.8.3, 1.8.7)
  • SOC 2 (CC6.1, CC6.2-A1, CC6.2-B, CC6.3, CC8.1)
Heroku <i data-lazy-src=

Code Repositories

Through our integrations with different code repositories, we scan and capture details related to multi-factor authentication, single sign-on, and development access.

GitHub
GitLab
Bitbucket
GitHub

Our integration with GitHub captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2, A9.4.5)
  • NIST SP 800.171 (3.1.1, 3.3.2, 3.5.2, 3.5.3, 3.5.4, 3.7.5)
  • SOC 2 (CC6.1, CC6.3, CC8.1)
GitHub
GitLab

Our integration with GitLab captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2, A9.4.5)
  • NIST SP 800.171 (3.1.1, 3.3.2, 3.5.2, 3.5.3, 3.5.4, 3.7.5)
  • SOC 2 (CC6.1, CC6.3, CC8.1)
GitLab
Bitbucket

Our integration with Atlassian’s Bitbucket captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2, A9.4.5)
  • NIST SP 800.171 (3.1.1, 3.3.2, 3.5.2, 3.5.3, 3.5.4, 3.7.5)
  • SOC 2 (CC6.1, CC6.3, CC8.1)
Bitbucket

Ticketing Systems

By integrating with ticketing systems such as Jira, we can capture information related to application changes, emergency changes, and remediation.

Jira
Jira

Our integration with Atlassian’s Jira captures evidence related to the following framework / regulation requirements and controls:

  • ISO 27001 (A14.2.9, A12.1.2)
  • NIST SP 800.171 (3.7.2, 3.4.3, 3.3.2)
  • SOC 2 (CC7.2, CC8.1)
Jira

Business Applications

By integrating with your business applications such as Google Workspace, we can capture evidence related to multi-factor authentication and password complexity.

Google Workspace
Slack
Google Workspace

Our integration with Google Workspace captures evidence related to the following framework / regulation requirements and controls:

  • CIS CSC 7.1 (14.6)
  • HIPAA (164.308, 164.310, 164.312)
  • ISO 27001 (A9.1.2, A9.4.1, A9.4.2)
  • NIST SP 800.171 (3.1.1, 3.5.2, 3.5.3, 3.5.4, 3.5.7, 3.5.8, 3.5.9, 3.7.5)
  • SOC 2 (CC6.1, CC6.3, CC8.1)
Google Workspace
Slack

Carbide’s integration with Slack keeps your timelines on tracks with integrated alerts and notifications about your security tasks, comments, new courses, policy changes, and other items.

Use our Slack integration to:

  • Get notified about new or edited comments that mention you
  • Stay on track with alerts about tasks delegated to you, completed, or other due date changes
  • Send notifications about policy assignments and reminders
  • Find out when a new security awareness course becomes active
Slack