Drata

The Arnica integration enables security and compliance teams to automatically sync vulnerability data from Arnica into Drata.

This integration helps automate evidence collection for the <a href="https://help.drata.com/en/articles/4776909-test-21-vulnerability-scanning">Vulnerability Scanning</a> test, mapped to DCF-18 by default.

Automated Vulnerability Sync: Imports up to 1,000 new or updated vulnerabilities per day per connection.

Severity-Based Filtering: Allows selection of vulnerability levels such as Critical, High, or Medium.

Date Filtering: Syncs vulnerabilities detected on or after a specified “first seen” date for precise reporting.

- Automated Vulnerability Sync: Imports up to 1,000 new or updated vulnerabilities per day per connection.
- Severity-Based Filtering: Allows selection of vulnerability levels such as Critical, High, or Medium.
- Date Filtering: Syncs vulnerabilities detected on or after a specified “first seen” date for precise reporting.

Must have Admin, Information Security Lead, DevOps Engineer, or Workspace Manager roles in Drata.

Must have an active Arnica account.

Must create and copy the Arnica API token with the required scope:

Ensure you have permission to generate and manage API tokens in Arnica.

- Must have Admin, Information Security Lead, DevOps Engineer, or Workspace Manager roles in Drata.
- Must have an active Arnica account.
- Must create and copy the Arnica API token with the required scope:
 - <code>risks:read</code>
- Ensure you have permission to generate and manage API tokens in Arnica.

Navigate to your API settings or Developer section (depending on your account setup).

Copy and securely store your Access Token. You’ll need it to connect Arnica to Drata.

1. Log in to your Arnica account.
2. Navigate to your API settings or Developer section (depending on your account setup).
3. Create a new API token.
4. Enable the following scope:
 - <code>risks:read</code>
5. Copy and securely store your Access Token. You’ll need it to connect Arnica to Drata.

Expected outcome: You now have a valid Arnica API token with the <code>risks:read</code> scope.

In Drata, navigate to Connections → Available Connections.

Search for Arnica and select Connect.

1. In Drata, navigate to Connections → Available Connections.
2. Search for Arnica and select Connect.
3. Enter the following fields:

For steps on accessing and using the Connections page in Drata, refer to <a href="https://help.drata.com/en/articles/12305645-the-connections-page-in-drata">The Connections Page in Drata</a>.

Drata imports up to 1,000 new or updated vulnerabilities per day per connection.

Imported vulnerabilities are prioritized from Critical → Low severity.

Your severity and first seen on filter selections are included in the test result report for visibility.

- Drata imports up to 1,000 new or updated vulnerabilities per day per connection.
- Imported vulnerabilities are prioritized from Critical → Low severity.
- Your severity and first seen on filter selections are included in the test result report for visibility.

Select View Findings after connecting Arnica, or

Navigate to the Vulnerabilities page via Drata’s left-side navigation menu.

1. Select View Findings after connecting Arnica, or
2. Navigate to the Vulnerabilities page via Drata’s left-side navigation menu.

Connect Arnica to Drata to sync vulnerabilities with an API token and automate evidence for vulnerability scanning.

Arnica Integration Guide

Home

Contact Sales

Support

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Permission/Scope	Why It’s Needed	Data Accessed
risks:read	Allows Drata to access and sync vulnerability data from Arnica.	Vulnerability and risk data (Read)

Drata Field	Arnica Value
Severity	Select vulnerability levels to include (e.g., Critical, High, Medium).
First Seen On	Select the date from which Drata should begin syncing vulnerabilities.
Access Token	Paste your Arnica API token with the `risks:read` scope.

Arnica Integration Guide

Key Capabilities

Prerequisites & Data Access

Permissions & Data Table

Step-by-Step Setup

Step 1: Generate the Arnica API Token

Step 2: Complete the Connection in Drata

Step 3: Verify and View Results