How Integrations Work
Every integration follows the same lifecycle, regardless of the tool or category.Connect
Authenticate with the third-party tool using OAuth, API key, or service account credentials. LowerPlane verifies the connection and saves the configuration securely.
Initial Sync
A background job fetches all relevant data from the connected tool. Depending on the integration, this can include user lists, configuration settings, security findings, or asset inventories.
Evidence Collection
The sync results are processed, categorized, and stored as evidence artifacts. Each piece of evidence is automatically tagged with the frameworks and controls it satisfies.
Tests Run
Automated tests evaluate the collected data against compliance requirements. Test results update control statuses across all applicable frameworks simultaneously.
Integration Categories
LowerPlane organizes integrations into categories based on their function in your compliance program.Cloud Providers
AWS, Azure, GCP, DigitalOcean, Heroku, Cloudflare, Vercel, and more. Monitor infrastructure security and collect configuration evidence.
Identity Providers
Okta, Google Workspace, Azure AD, OneLogin, JumpCloud, Auth0, and more. Verify MFA, SSO, and access controls.
Security Tools
Snyk, Wiz, CrowdStrike, Splunk, Datadog, SentinelOne, and more. Import vulnerabilities, endpoint status, and SIEM data.
HR / Staff Providers
BambooHR, Workday, Gusto, Rippling, ADP, Personio, and 50+ more. Sync employee data for personnel security tracking.
Version Control
GitHub, GitLab, Bitbucket, Azure DevOps. Monitor branch protection, code reviews, and repository security.
Task Management
Jira, Asana, Linear, Monday, ClickUp, Trello. Track change management and remediation workflows.
Communication
Slack, Microsoft Teams, Zoom, Loom. Notification delivery and communication audit trails.
MDM & Devices
Jamf Pro, Kandji, Microsoft Intune, Hexnode. Monitor device compliance and enforce endpoint policies.
Password Management
1Password, Bitwarden, LastPass, Keeper. Verify password policy enforcement across your organization.
Monitoring & Observability
Datadog, New Relic, Sentry, Splunk, Grafana. Collect operational evidence and incident response data.
Background Checks
Checkr, Certn, Veremark. Verify employee screening for compliance requirements.
Security Training
KnowBe4, Curricula, Hook Security. Track security awareness training completion.
What Integrations Provide
Each connected integration contributes to your compliance program in multiple ways:| Contribution | Description |
|---|---|
| Evidence artifacts | Files, screenshots, and configuration exports stored in your evidence vault |
| Automated tests | Compliance checks that run on every sync cycle |
| Control coverage | Direct mapping of integration data to framework controls |
| People data | Employee records from HR systems for personnel tracking |
| Asset inventory | Cloud resources, devices, and software discovered from connected tools |
| Vulnerability data | Security findings imported for tracking and remediation |
Integration Status
Each connected integration displays one of three statuses:- Active — The integration is connected and syncing successfully on schedule.
- Inactive — The integration is configured but paused or not yet activated.
- Error — The last sync failed. Check credentials and permissions to resolve.
Sync Frequency
You can configure how often each integration syncs data:| Frequency | Use Case |
|---|---|
| Hourly | Critical security tools, identity providers |
| Daily | Cloud providers, version control (default for most integrations) |
| Weekly | HR systems, background checks |
| Manual | On-demand syncs for specific audits or spot checks |
Next Steps
Connect an Integration
Step-by-step instructions for OAuth, API key, and service account connections.
HR Integrations
Detailed guide to connecting and configuring HR/staff provider integrations.