Skip to main content

Integrations Directory

Explore integrations for code migration and DevOps tools. Connect your workflow with CI/CD, version control, and cloud platforms.

oauthsource-control
Available now

GitHub

Connect GitHub repositories as a scan source and drift-ingest target via OAuth.

repository-connectiondrift-ingest-sourceidentity-resolution
oauthsource-control
Available now

GitLab

Connect GitLab repositories as a scan source and drift-ingest target via OAuth.

repository-connectiondrift-ingest-sourceidentity-resolution
oauthsource-control
Available now

Azure DevOps

Connect Azure DevOps repositories as a scan source and drift-ingest target via OAuth.

repository-connectiondrift-ingest-sourceidentity-resolution
oauthsource-control
Available now

Bitbucket

Connect Bitbucket repositories as a scan source and drift-ingest target via OAuth.

repository-connectiondrift-ingest-sourceidentity-resolution
signed-webhookautomation
Available now

Webhooks

Signed outbound webhooks for scans, todos, drift budgets, approvals, workflows, and SBOM imports — scoped per webhook by RBAC.

hmac-signed-deliveryper-webhook-event-selectionrbac-scoped-access-snapshot+1
api-keyidp-distribution
Available now

Cortex

Push DriftScore, RiskScore, and DriftRisk™, plus risk level and top remediation, into your Cortex catalog as custom entity data.

drift-score-pushrisk-score-and-driftrisk-pushcatalog-custom-data+1
api-keyidp-distribution
Available now

OpsLevel

Push DriftScore, RiskScore, and DriftRisk™ as an OpsLevel Rubric check, evaluated against your maturity model.

drift-score-pushrisk-score-and-driftrisk-pushrubric-check+1
api-keyidp-distribution
Available now

Backstage

Push DriftScore, RiskScore, and DriftRisk™ into Backstage as entity annotations via the Vibgrate backend plugin.

drift-score-pushrisk-score-and-driftrisk-pushentity-annotation+1
file-uploadsecurity-ingest
Available now

SBOM / VEX Import

Ingest CycloneDX, SPDX, and VEX files from any scanner to enrich the Risk Register with reachability-aware findings.

cyclonedx-spdx-vex-parsingvex-reachability-suppressionaudited-import-history
api-keypm-distribution
Available now

Jira

Automatically create a Jira issue in a target project when a drift budget breaches its critical threshold.

ticket-creation-on-budget-breachauto-priority-mapping
api-keypm-distribution
Available now

Linear

Automatically create a Linear issue in a target team when a drift budget breaches its critical threshold.

ticket-creation-on-budget-breachauto-priority-mapping
api-keynotification
Available now

Slack

Push DriftScore, RiskScore, DriftRisk™, risk level, and top remediation as a formatted chat card to a Slack channel via Incoming Webhook.

drift-score-chat-cardrisk-score-and-driftrisk-pushauto-push-on-scan+1
api-keydistribution
Available now

Datadog

Push DriftScore, EOL count, RiskScore, and DriftRisk™ as custom gauge metrics, tagged by service, using the same distribution pattern as Cortex/OpsLevel.

drift-score-metric-pushrisk-score-and-driftrisk-pushauto-push-on-scan+1
api-keysecurity-ingest
On the roadmap

Snyk

Live API adapter to ingest Snyk findings directly, layered on the existing SBOM/VEX importer.

live-api-ingestvex-reachability-suppression
api-keysecurity-ingest
On the roadmap

Endor Labs

Live API adapter to ingest Endor Labs findings directly, layered on the existing SBOM/VEX importer.

live-api-ingestvex-reachability-suppression
api-keysecurity-ingest
On the roadmap

Socket

Live API adapter to ingest Socket findings directly, layered on the existing SBOM/VEX importer.

live-api-ingestvex-reachability-suppression
api-keymodernization-handoff
On the roadmap

OpenRewrite / Moderne

Hand off prioritized remediation recipes to OpenRewrite/Moderne and verify the result with a re-scan.

recipe-mappingjob-handoffre-scan-verification
api-keymodernization-handoff
On the roadmap

AWS Transform

Hand off prioritized remediation jobs to AWS Transform and list on the AWS Marketplace.

job-handoffmarketplace-listing
api-keyinfra-ingest
Under evaluation

Terraform Cloud

Ingest Terraform state/plan as a read-only inventory signal. Vibgrate does not apply or execute Terraform.

state-plan-inventory-ingest
api-keysecurity-ingest
Under evaluation

Docker Hub / Container Registries

Registry-triggered CycloneDX SBOM generation feeding the existing SBOM importer — not a scan-and-migrate tool.

registry-triggered-sbom-generation
service-principalinfra-ingest
Under evaluation

Microsoft Azure

Read-only Azure resource inventory ingest. Vibgrate does not generate ARM templates or execute migrations.

resource-inventory-ingest
service-accountinfra-ingest
Under evaluation

Google Cloud Platform

Read-only GCP resource inventory ingest. Vibgrate does not generate Terraform or execute migrations.

resource-inventory-ingest