Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.matproof.com/llms.txt

Use this file to discover all available pages before exploring further.

Integrations Overview

Matproof integrates with the tools your team already uses. Connecting an integration means evidence is collected automatically — no screenshots, no manual uploads, no spreadsheets. Each integration runs on a 24-hour sync cycle by default (configurable per integration), and the evidence collected is mapped directly to the relevant controls in your active frameworks.

Available integrations

Cloud infrastructure

AWS

IAM, CloudTrail, S3 encryption, security groups, KMS rotation, GuardDuty status — read-only via cross-account IAM role.

Microsoft Azure

Subscription resources, Defender for Cloud findings, encryption settings, audit logs. Includes the Microsoft Entra ID identity surface.

Google Cloud Platform

IAM policies, Security Command Center findings, encryption keys, audit logs.

Identity & workspace

Microsoft Entra ID (Azure AD)

Identity, MFA, Conditional Access policies, privileged role assignments, risky sign-ins.

Google Workspace

User access, MFA enrollment, admin roles, inactive accounts, external sharing policy.

Source control & change management

GitHub

Branch protection, PR review enforcement, MFA, Dependabot alerts, repository access lists.

Jira

Change requests, incident records, corrective-action tracking. Per-project mapping.

AI providers (for EU AI Act evidence)

AI Providers

Anthropic, OpenAI, Hugging Face, Weights & Biases — credential storage for automated AI Act compliance checks against your AI training and inference infrastructure.

HR & people

Deel

Employee directory, contractor records, onboarding/offboarding events. Coming soon — see /integrations/deel.

Security tooling

Aikido Security

Vulnerability findings ingested into the unified Findings view.

Custom / programmatic

REST API

Push evidence, sync data, trigger assessments programmatically. For tools without a native integration.

How integrations work

1

Connect

Authorize Matproof with read-only access to your tool — typically via OAuth, sometimes via API key or cross-account IAM role (AWS).
2

Sync

Matproof pulls configuration and activity data on a 24-hour schedule (configurable per integration). The first sync runs immediately on connection.
3

Map

Collected data is automatically matched to the relevant controls in your active frameworks via the Frameworks cross-mapping layer.
4

Surface

Passing checks contribute evidence to controls; failing checks raise items in the unified Findings view.
You can also trigger a manual sync at any time from Settings → Integrations → [Integration] → Sync now.

Permissions philosophy

Every integration uses read-only access to the third-party system. Matproof can’t modify your AWS resources, edit your GitHub branch protection, change Entra ID policies, or close Jira tickets. The only writes Matproof performs are into its own database. OAuth scopes and IAM permissions are documented per-integration on the individual integration pages.

What integrations replace

Without integrations, demonstrating access-control compliance means manually exporting user lists, screenshotting MFA settings, and uploading them every quarter. With integrations, this happens automatically.
Manual task replacedIntegration
Export user list and MFA statusGoogle Workspace / Microsoft Entra ID
Screenshot branch protection settingsGitHub
Export IAM policy and CloudTrail statusAWS
Document change approval recordsJira
Capture Dependabot vulnerability statusGitHub
List GCP IAM bindings and SCC findingsGoogle Cloud
Demonstrate AI training-data lineageWeights & Biases / Hugging Face (via AI Providers)

Custom integrations

For tools not on the list above, use the Matproof REST API to push evidence programmatically from any system — CI/CD pipelines, custom scripts, internal dashboards, or third-party tools. Common API use cases:
  • Upload penetration-test reports directly from your security scanner
  • Push deployment records from your CI/CD pipeline as change-management evidence
  • Sync vendor data from your procurement system
  • Mirror compliance state from a parent-org system into a subsidiary’s Matproof tenant

Requesting an integration

Don’t see your tool? Email support@matproof.com with the tool name and your use case. We prioritize integration development based on customer demand. Common requests on the roadmap: Slack, Okta, GitLab, Notion, Microsoft Intune, Jamf.