Request Demo

Start here Platform Overview A guided, top-to-bottom tour of the entire GRC platform — one connected system, not point tools. Take the tour →

Govern

Policy ManagementCurrent, control-aligned policies Contract ManagementTrack every obligation Asset ManagementProtect critical assets

Comply & audit

ComplianceTest once, satisfy many Evidence StudioAutomated, live evidence Trust CenterShare your security posture User Access ReviewsFast, accurate access reviews

Risk & third-party

Risk ManagementRisk in dollars, via FAIR Third Party InsightsObjective vendor risk in minutes Vendor Risk ManagementManage third-party risk end to end

Compyl AI

Compyl AIAgentic AI across the platform Compyl CopilotAsk your GRC data anything Questionnaire AssistAI-drafted questionnaire answers

125+ integrations — connect your stack Request a demo →

One control library Every framework, mapped Map a single control to every framework it satisfies — test once, prove many. See all frameworks →

Popular

SOC 2 ISO 27001 HIPAA PCI DSS

Standards

GDPR NIST CSF NIST SP 800-53 ISO 42001

CCPA MAS NIS2

Compliance, automated — how Compyl maps controls Request a demo →

Latest Inside Compyl 26.2 AI-powered GRC, from risk to audit — what's new in the platform. Read the post →

Learn

BlogInfoSec & compliance, trending GuidesStep-by-step playbooks

Watch & grow

Security SessionsOn-demand episodes Case StudiesResults from real teams

Network

Partner NetworkCompyl Connect partners

Company Built by CISOs Our mission: make GRC adapt to how you work — not the other way around. About Compyl →

Company

About UsMission & team CareersJoin the team

Trust

Our SecurityHow we protect you Contact UsTalk to us

Platform · Integrations

Connect your stack. Turn it into live audit evidence.

125+ integrations, every one built in-house — no third-party connectors. Search the catalog to find the tools you already run.

Browse the catalog → Request Demo

1PasswordIdentity, Access, & Authentication

Adobe SignDocument & Contract Management

ADPHR & Workforce Management

AirLockSecurity, Compliance, & Risk

AivenCloud Infrastructure & Hosting

Akamai LinodeCloud Infrastructure & Hosting

Alibaba CloudCloud Infrastructure & Hosting

AsanaIT Service Management & Productivity

AtlassianDeveloper Tools & CI/CD

Auth0Identity, Access, & Authentication

AWSCloud Infrastructure & Hosting

AxoniusSecurity, Compliance, & Risk

AzureCloud Infrastructure & Hosting

Azure DevOpsDeveloper Tools & CI/CD

BambooHRHR & Workforce Management

BitbucketDeveloper Tools & CI/CD

BitDefenderSecurity, Compliance, & Risk

BuildkiteDeveloper Tools & CI/CD

CircleCIDeveloper Tools & CI/CD

ClickUpIT Service Management & Productivity

CloudflareSecurity, Compliance, & Risk

ConsulDeveloper Tools & CI/CD

CoupaBusiness Applications & Finance

CrowdStrikeSecurity, Compliance, & Risk

DatabricksObservability, Monitoring, & Analytics

DatadogObservability, Monitoring, & Analytics

DigitalOceanCloud Infrastructure & Hosting

DocuSignDocument & Contract Management

DopplerSecurity, Compliance, & Risk

DruvaSecurity, Compliance, & Risk

DuoIdentity, Access, & Authentication

FieldguideSecurity, Compliance, & Risk

FlatfileSecurity, Compliance, & Risk

FreshpingObservability, Monitoring, & Analytics

FreshworksIT Service Management & Productivity

GandiCloud Infrastructure & Hosting

GitGuardianSecurity, Compliance, & Risk

GitHubDeveloper Tools & CI/CD

GitLabDeveloper Tools & CI/CD

GoDaddyCloud Infrastructure & Hosting

Google CloudCloud Infrastructure & Hosting

Google DirectoryIdentity, Access, & Authentication

GrafanaObservability, Monitoring, & Analytics

HashiCorp VaultSecurity, Compliance, & Risk

HerokuCloud Infrastructure & Hosting

HetznerCloud Infrastructure & Hosting

HiBobHR & Workforce Management

HubSpotBusiness Applications & Finance

IBM CloudCloud Infrastructure & Hosting

iManage Threat ManagerSecurity, Compliance, & Risk

Infosec IQSecurity, Compliance, & Risk

JamfSecurity, Compliance, & Risk

JenkinsDeveloper Tools & CI/CD

JumpCloudIdentity, Access, & Authentication

KandjiSecurity, Compliance, & Risk

KeycloakIdentity, Access, & Authentication

KnowBe4Security, Compliance, & Risk

KolideSecurity, Compliance, & Risk

LaunchDarklySecurity, Compliance, & Risk

LinearIT Service Management & Productivity

MailchimpBusiness Applications & Finance

MakeBusiness Applications & Finance

MastodonBusiness Applications & Finance

MondayIT Service Management & Productivity

MongoDB AtlasCloud Infrastructure & Hosting

NamecheapCloud Infrastructure & Hosting

NetskopeSecurity, Compliance, & Risk

NetSuiteBusiness Applications & Finance

New RelicObservability, Monitoring, & Analytics

NomadDeveloper Tools & CI/CD

OktaIdentity, Access, & Authentication

OpenStackCloud Infrastructure & Hosting

OpsgenieIT Service Management & Productivity

OracleCloud Infrastructure & Hosting

Oracle FusionBusiness Applications & Finance

OVHcloudCloud Infrastructure & Hosting

PagerDutyIT Service Management & Productivity

PanoraysSecurity, Compliance, & Risk

PaylocityHR & Workforce Management

PeopleSoftHR & Workforce Management

QualysSecurity, Compliance, & Risk

Rapid7Security, Compliance, & Risk

RipplingHR & Workforce Management

SalesforceBusiness Applications & Finance

SAPCloud Infrastructure & Hosting

ScalewayCloud Infrastructure & Hosting

ScalingoCloud Infrastructure & Hosting

SentinelOneSecurity, Compliance, & Risk

ServiceNowIT Service Management & Productivity

ShopifyBusiness Applications & Finance

SlackIT Service Management & Productivity

SnowflakeObservability, Monitoring, & Analytics

SplunkObservability, Monitoring, & Analytics

StripeBusiness Applications & Finance

Sumo LogicObservability, Monitoring, & Analytics

SupabaseDeveloper Tools & CI/CD

TailscaleSecurity, Compliance, & Risk

TenableSecurity, Compliance, & Risk

TrelloIT Service Management & Productivity

Trivy (Aqua)Security, Compliance, & Risk

TwilioBusiness Applications & Finance

UKGHR & Workforce Management

VercelCloud Infrastructure & Hosting

VirusTotalSecurity, Compliance, & Risk

VMware vSphereCloud Infrastructure & Hosting

WizSecurity, Compliance, & Risk

WorkdayHR & Workforce Management

WorkOSIdentity, Access, & Authentication

Workspace ONECloud Infrastructure & Hosting

ZendeskIT Service Management & Productivity

ZoomIT Service Management & Productivity

ZscalerSecurity, Compliance, & Risk

ZuoraBusiness Applications & Finance

Don't see your tool?

Because every integration is built in-house, we prioritize new connections based on what you actually use — and the AI Blueprint Builder lets you create custom evidence queries without SQL.

Request an integration →

Why our integrations are different

Built in-house, built for evidence

Most GRC tools resell generic third-party connectors. Compyl engineers every integration itself — purpose-built to validate controls and produce audit evidence, not just sync data.

100% in-house — no connector middleware, deeper data access, faster fixes.
Live data, not snapshots — connections refresh continuously.
Evidence-ready by default — data maps to controls and stores as audit evidence.
Out of the box — connect in minutes, request new integrations any time.

How it works

From connected system to continuous evidence

Each integration runs the same loop, automatically — so your tools do the compliance work with you.

Connect

Authorize an integration in minutes — no engineering ticket.

Pull live data

Compyl collects current data on a continuous schedule.

Map to controls

Data is matched to the controls and frameworks it validates.

Continuous evidence

Results store as audit-ready evidence, scored by Evidence Health.

Evidence everywhere

One integration, evidence for every framework

Data pulled by a single integration cross-maps across every framework it supports — collect once, satisfy many.

SOC 2 ISO 27001 HIPAA GDPR PCI DSS NIST CSF NIST SP 800-53 HITRUST CCPA 20+ frameworks

125+

Integrations, every one built in-house

Categories — cloud, identity, code, security & more

Live

Continuous data, not point-in-time snapshots

20+

Frameworks fed by a single evidence library

Recognized by users on G2

Rated a leader by the teams who use it

FAQ

Integration questions, answered

Compyl supports 125+ integrations across cloud infrastructure (AWS, Azure, Google Cloud), identity and access (Okta, Duo, JumpCloud, Auth0), developer tools (GitHub, GitLab, Jenkins), security and risk (CrowdStrike, Qualys, Wiz, Tenable, SentinelOne), observability (Datadog, Splunk, Snowflake), IT service management (Jira, ServiceNow, PagerDuty, Slack), HR systems (Workday, Rippling, BambooHR), and business applications (Salesforce, NetSuite, Stripe). Every integration is built in-house.

Yes. Every Compyl integration is engineered and maintained in-house — Compyl does not rely on third-party connector middleware. That means deeper data access, faster fixes, and integrations purpose-built for GRC evidence rather than generic data sync.

Compyl integrations pull live data on a continuous schedule, not one-time snapshots. Each connection refreshes automatically so your control status and audit evidence always reflect the current state of your systems.

Each integration pulls live data from a connected system, Compyl maps that data to the controls it validates, and the result is stored as timestamped audit evidence. Compyl's Evidence Health then scores each artifact for relevance, freshness, and completeness, so evidence stays audit-ready across SOC 2, ISO 27001, HIPAA, and 20+ frameworks.

Yes. Because integrations are built in-house, Compyl can prioritize and build new connections based on customer need — and the AI Blueprint Builder lets teams create custom evidence queries against connected systems without writing SQL.

Explore next

Explore the rest of the platform

Solution