This integration automates evidence collection for the Vulnerability Scanning test, which is mapped to DCF-18 by default.
Prerequisites
Create and copy the Arnica API token with the following scope enabled:
risks:read
. You’ll need it when connecting Arnica to Drata.Drata syncs up to 1,000 new or updated vulnerabilities per day for each connection, sorted by severity from critical to low.
Complete the Connection: Arnica
When connecting, enter the following values from Arnica:
Drata Field | Value |
Severity | Select the vulnerability levels to include, such as Critical, High, or Medium. |
First seen on | Drata will sync vulnerabilities detected on or after the selected date. |
Access Token | Arnica API token with |
For steps on accessing and using the Connections page in Drata, refer to The Connections Page in Drata.
Drata automatically begins syncing vulnerabilities based on your configurations.
You can view the findings by selecting the View Findings after connecting Arnica or navigating directly to the Vulnerabilities page through the left-side navigation menu.
Learn more at Vulnerabilities help article.