Skip to main content

Arnica Connection

Connect Arnica to Drata to sync vulnerabilities with an API token and automate evidence for vulnerability scanning.

Updated over 2 weeks ago

This integration automates evidence collection for the Vulnerability Scanning test, which is mapped to DCF-18 by default.

Prerequisites

  • Create and copy the Arnica API token with the following scope enabled: risks:read. You’ll need it when connecting Arnica to Drata.

  • Drata syncs up to 1,000 new or updated vulnerabilities per day for each connection, sorted by severity from critical to low.

Complete the Connection: Arnica

When connecting, enter the following values from Arnica:

Drata Field

Value

Severity

Select the vulnerability levels to include, such as Critical, High, or Medium.

This selection is also included in the test result report for visibility.

First seen on

Drata will sync vulnerabilities detected on or after the selected date.

This selection is also included in the test result report for visibility.

Access Token

Arnica API token with risks:read scope

For steps on accessing and using the Connections page in Drata, refer to The Connections Page in Drata.

Drata automatically begins syncing vulnerabilities based on your configurations.

You can view the findings by selecting the View Findings after connecting Arnica or navigating directly to the Vulnerabilities page through the left-side navigation menu.

Did this answer your question?