Introduction to Private Integrations

Private Integrations lets you build a Vanta integration (to send data to Vanta) without making the integration available to other Vanta customers. This is useful if you have in-house tools and would like to monitor the security of these tools in Vanta or ingest security data from these tools to Vanta. It can also be used to build an integration to any 3rd party service not yet supported by Vanta's integrations.

Private Integrations have similar functionality to the public integrations built by partners, however Vanta will never make private integrations visible to other customers.

Private Integrations can be built to send two types of data:

  • Resources: JSON blobs that describe assets managed by your tool (such as computers or accounts).
  • Documents: Files generated from your tool (such as PDFs or CSVs).

Building a Private Integration requires the following steps:

  1. Create an integration application in the Vanta Developer Console.
  2. Authorize using OAuth. This involves obtaining the access token to be used in the next step.
  3. Return to the Developer Console and use the UI to create and define the resource(s) or document(s) you’d like to send.
  4. Create a periodic job to send resources on an hourly basis or update documents on the cadence specified in the corresponding evidence request

The typical engineering time required is 2 days or less with the majority of the time spent on creating the integration-specific job to send resources to Vanta. Setting up the integration on the Vanta side only takes a few moments.