What cloud services does AuditBadger integrate with for evidence collection?

AuditBadger integrates with AWS, Google Cloud Platform (GCP), GitHub, Cloudflare, Azure, Linear, Shortcut, Slack, and Google Workspace. These integrations help collect and organize compliance evidence from cloud infrastructure, source control, collaboration, identity, and workflow systems.

Is automated evidence collection secure?

Yes, AuditBadger uses scoped permissions for integrations and is designed for evidence collection rather than changing your source systems. Data is encrypted in transit and at rest, and collected evidence is tracked with audit history.

How does automated evidence collection help with SOC 2 audits?

Automated evidence collection maps directly to SOC 2 Trust Service Criteria. It continuously gathers proof of security controls implementation, eliminating manual screenshot collection. Evidence is automatically verified and organized for auditor review, significantly reducing audit preparation time.

How often is evidence collected automatically?

Evidence collection runs on configurable schedules. You can set daily, weekly, or custom schedules based on your compliance needs. Real-time monitoring alerts you immediately when critical controls change or fail verification.

Automated Evidence Collection

Connect Once, Collect Forever

Stop chasing screenshots and exports. Connect AWS, GCP, GitHub, Cloudflare, Azure, Linear, Shortcut, Slack, and Google Workspace to gather compliance evidence for SOC 2 and ISO 27001 controls.

Core Features

AWS and GCP evidence collection

GitHub repository and security setting evidence

Azure, Slack, Linear, Shortcut, and Google Workspace integrations

Cloudflare security and DNS evidence

Multi-framework mapping (SOC 2, ISO 27001)

Auto-verification against compliance rules

Scheduled collection (daily, weekly, monthly)

Read-only access with scoped permissions

Continuous compliance monitoring

Guided setup for supported integrations

Supported Integrations

Amazon Web Services

Cloud Infrastructure

Comprehensive AWS integration covering IAM, CloudTrail, S3, RDS, KMS, GuardDuty, and more. Connect via secure cross-account IAM role with read-only permissions.

Evidence Sources:

IAM Password Policy MFA Status CloudTrail S3 Encryption RDS Encryption KMS Key Rotation GuardDuty VPC Flow Logs + 7 more

Google Cloud Platform

Cloud Infrastructure

Comprehensive GCP integration covering IAM, Cloud Audit Logs, Cloud Storage, Cloud SQL, Cloud KMS, and Security Command Center. Connect via Service Account with read-only permissions.

Evidence Sources:

IAM Policies MFA Status Cloud Audit Logs Cloud Storage Encryption Cloud SQL Encryption KMS Key Rotation Security Command Center VPC Flow Logs + 7 more

GitHub

Source Control

Full GitHub organization integration covering security settings, access controls, code scanning, and audit logs. Connect via GitHub App with fine-grained permissions.

Evidence Sources:

2FA Status Branch Protection Required Reviews Secret Scanning Dependabot Code Scanning Team Permissions + 5 more

Cloudflare

CDN & Security

Comprehensive Cloudflare integration covering SSL/TLS, WAF, DDoS protection, and DNS security. Connect via scoped API token with read-only permissions.

Evidence Sources:

SSL/TLS Mode TLS Version HSTS WAF Config DDoS Protection Bot Protection DNSSEC + 4 more

Workflow & Workspace Tools

Tickets, collaboration, identity

Collect evidence from Azure, Linear, Shortcut, Slack, and Google Workspace so access reviews, work tracking, and collaboration controls live beside cloud and repository evidence.

Supported tools:

Azure Linear Shortcut Slack Google Workspace

Compliance Control Coverage

SOC 2 Trust Services Criteria

CC6 - Logical & Physical Access 12 evidence sources

CC7 - System Operations 8 evidence sources

CC8 - Change Management 5 evidence sources

ISO 27001:2022 Annex A

A.5 - Organizational Controls 10 evidence sources

A.8 - Technological Controls 15 evidence sources

A.8.25-28 - Secure Development 6 evidence sources

Key Benefits

Eliminate manual evidence collection with automation

Reduce audit prep time from weeks to hours

Auto-verify evidence against compliance thresholds

Get alerted when compliance status changes

Single evidence satisfies multiple framework controls

Security First

Read-only access - AuditBadger cannot modify your resources

External ID protection against confused deputy attacks

Scoped API tokens with zone-level permissions

Full audit trail of all API calls

Revoke access instantly with one click

How It Works

Connect

Connect your supported cloud, repository, workflow, and workspace tools with scoped permissions.

Collect

Evidence is automatically gathered on your schedule and mapped to compliance controls.

Verify

Auto-verification checks evidence against compliance rules and alerts you to issues.

Automate Your Evidence Collection

Stop spending hours on manual screenshots and exports. Connect AWS, GCP, GitHub, Cloudflare, Azure, Linear, Shortcut, Slack, and Google Workspace so AuditBadger can organize recurring evidence for you.