Integrations & CRMs

28 curated CRMs, hundreds more inferred at scope time.

Every vendor here ships with a pre-built Customer Responsibility Matrix — the document your assessor drops straight into your SSP package. We pull evidence directly where there's an API, curate by hand where there isn't (PreVeil, VDI), and infer a CRM for everything else from vendor category and your scope. Nothing in your assessment is left undocumented.

Book a demo Read the scope policy

API integrations

Curated CRMs

100s

Inferred CRMs

Default writes

API integrations

25 vendors. Evidence pulled directly via the vendor API.

Read-only by default. Write-capable scopes are opt-in per integration for remediation and baseline workflows only.

Cloud & productivity

Microsoft 365 + AzureAPI + CRM

Entra, Defender, Intune, Purview, Sentinel, Teams, Exchange Online Protection.

Amazon Web ServicesAPI + CRM

IAM, S3, EC2, CloudTrail, Security Hub, Config — full account posture.

Google Workspace + GCPAPI + CRM

Workspace, Cloud Identity, Security Command Center.

Prisma CloudAPI + CRM

Palo Alto cloud security posture across AWS / Azure / GCP.

Identity & SSO

OktaAPI + CRM

Users, groups, app assignments, MFA enforcement, sign-in events.

Ping IdentityAPI + CRM

Federation, policies, identity management.

DuoAPI + CRM

MFA enrollment, factor inventory, policy enforcement.

Slack EnterpriseAPI + CRM

User management, MFA + retention, audit log.

Endpoint security

CrowdStrike FalconAPI + CRM

EDR detections, prevention policy, sensor inventory.

SentinelOneAPI + CRM

Threats, agent inventory, policy exclusions.

Jamf ProAPI + CRM

Apple device fleet, compliance, configuration profiles.

NinjaOneAPI + CRM

Endpoint and policy management, patch + script status.

SIEM & log analytics

SplunkAPI + CRM

Saved searches, alert state, log-source health.

WazuhAPI + CRM

Host IDS, file integrity monitoring, rule + agent inventory.

Vulnerability management

TenableAPI + CRM

Asset inventory, scan results, finding severity, exceptions.

Network & firewall

Cisco DNA CenterAPI + CRM

Network inventory, configuration, segmentation.

Aruba Central (HPE)API + CRM

Wireless + wired configuration, SSID encryption posture.

Ubiquiti UniFiAPI + CRM

Network configuration, WiFi posture, firewall rules.

Source, ticketing & comms

GitHubAPI + CRM

Repo + branch protection, secret scanning, audit log.

GitLabAPI + CRM

Group membership, project settings, audit events.

ServiceNowAPI + CRM

Ticket lifecycle, CMDB CIs, change records.

KnowBe4API + CRM

Training campaign completion, phishing-test results.

VirtruAPI + CRM

Data-centric protection, audit and key access events.

KiteworksAPI + CRM

Private data network — access governance and file audit.

Physical security

BrivoAPI + CRM

Badge management, access events, schedules.

First-class CMMC support

3 more vendors. Curated CRM plus manual evidence upload.

These vendors don't expose an API we can integrate with, but they show up constantly in DIB scopes — PreVeil for CUI email, Citrix and VMware Horizon for CUI VDI. Garde1 ships the Customer Responsibility Matrix so you can document them cleanly in your SSP package, and the platform's manual evidence upload lets you attach screenshots, exports, and configuration dumps directly to the controls those CRMs cover. No API required, no control left unevidenced.

PreVeilCRM only

End-to-end encrypted email + file sharing for CUI. No API; curated CRM covers customer-side responsibilities.

Citrix WorkspaceCRM only

VDI commonly used for CUI handling. No API; curated CRM covers the responsibility split.

VMware HorizonCRM only

VDI for CUI access from non-CUI endpoints. No API; curated CRM ships with the platform.

Don't see your stack?

We add integrations on customer request, and most ship in two weeks.

Build prioritization follows customer commitment. We don't back-burner the one connector that's blocking your assessment.

Request an integration How scopes work