GRC Platform Integrations
Infracast integrates with the major GRC platforms used by DoD and federal civilian agencies — eliminating manual re-entry and keeping every system in sync.
This page covers federal GRC integrations added in Build 34 (eMASS, CSAM, ServiceNow GRC module, RSA Archer). For ITSM and SIEM integrations (ServiceNow CMDB, Jira, Splunk, Slack, Teams, Okta SSO), see Integrations Overview.
eMASS (Enterprise Mission Assurance Support Service)
eMASS is the DoD's authoritative system for RMF ATO management. Infracast pushes POA&M items and control assessment results directly to eMASS.
What Syncs
| Direction | Data |
|---|---|
| Infracast → eMASS | POA&M items (create, update, close) |
| Infracast → eMASS | Control assessment results |
| Infracast → eMASS | Monthly scan result summaries |
| eMASS → Infracast | Manual assessment updates |
| eMASS → Infracast | POA&M status updates |
STIG Checklist Export
For DISA STIG-regulated systems, Infracast generates CKL files from agent configuration assessments:
```
vulcan emass export-ckl --tenant acme --host web-01 --output web-01.ckl
```
Configuration
Settings → Integrations → eMASS
- eMASS API URL
- API Key
- System ID
- Sync direction: Push only | Pull only | Bidirectional
- Schedule: On ConMon package | Daily | On change
CSAM (Cyber Security Assessment and Management)
CSAM is the primary GRC tool for civilian federal agencies (CISA, GSA, DHS). Infracast auto-submits monthly ConMon deliverables to CSAM.
What Syncs
| Direction | Data |
|---|---|
| Infracast → CSAM | Monthly ConMon packages (POA&M, scan results) |
| Infracast → CSAM | Control implementation status |
| Infracast → CSAM | Significant change notifications |
| CSAM → Infracast | Manual attestations |
Monthly Auto-Submit
When enabled, Infracast automatically submits the ConMon package to CSAM on the last business day of each month.
ServiceNow GRC
Integrates with the ServiceNow GRC module (separate from the CMDB/ITSM integration in Build 20).
What Syncs
| Infracast | ServiceNow GRC |
|---|---|
| POA&M item | Risk (sn_risk_risk) |
| Finding | Indicator result |
| Control | Policy Control (sn_compliance_control) |
| Evidence artifact | Evidence (sn_compliance_evidence) |
Configuration
Settings → Integrations → ServiceNow GRC
- ServiceNow instance URL
- OAuth token
- GRC module scope
- Control framework mapping (NIST 800-53 → your policy framework)
RSA Archer
Export control status and finding data to Archer's IRM content.
Export Format
```
# Generate Archer-compatible export
GET /api/v1/tenants/{tenantID}/integrations/archer/export?format=xml&framework=nist-800-53
```
Exported XML/CSV is imported via Archer's Data Feed Manager.
Common API Endpoints
```
# Test a connection
POST /api/v1/tenants/{tenantID}/integrations/{type}/test
# Trigger sync
POST /api/v1/tenants/{tenantID}/integrations/{type}/sync
# Sync status and logs
GET /api/v1/tenants/{tenantID}/integrations/{type}/status
GET /api/v1/tenants/{tenantID}/integrations/{type}/logs
```
Security
- All credentials stored encrypted (AES-256-GCM) in Postgres
- API responses redact secrets — credentials are write-only after initial save
- Failed syncs retry up to 3× with exponential backoff
- Persistent failures generate in-app alert + optional email notification
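The first two properties in the list above (AES-256-GCM at rest, write-only credentials in API responses) can be sketched as follows. This is an added example, not Infracast's code. The `Integration` row shape, the function names, and the choice to bind each ciphertext to its tenant and integration type through GCM associated data are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type Integration struct { // hypothetical row shape, not Infracast's schema
	TenantID, Type string
	Sealed         []byte // nonce || ciphertext || tag: the only stored form of the key
}

// aad binds a ciphertext to its tenant and integration type (an assumption, not from the page).
func aad(in Integration) []byte { return []byte(in.TenantID + "\x00" + in.Type) }
func newGCM(key [32]byte) cipher.AEAD {
	block, _ := aes.NewCipher(key[:]) // cannot fail: a 32-byte key selects AES-256
	gcm, _ := cipher.NewGCM(block)    // cannot fail for an AES block
	return gcm
}

func Seal(gcm cipher.AEAD, in Integration, secret string) ([]byte, error) {
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce for every write
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, []byte(secret), aad(in)), nil
}

// Open is for the sync worker only; it fails if the row was altered or copied to another tenant.
func Open(gcm cipher.AEAD, in Integration) (string, error) {
	n := gcm.NonceSize()
	if len(in.Sealed) < n {
		return "", fmt.Errorf("sealed credential too short: %d bytes", len(in.Sealed))
	}
	pt, err := gcm.Open(nil, in.Sealed[:n], in.Sealed[n:], aad(in))
	return string(pt), err
}

func Redacted(in Integration) map[string]any { // all an API handler returns: presence, never the value
	return map[string]any{"type": in.Type, "api_key_set": len(in.Sealed) > 0}
}

func main() { // constructed row and all-zero key, for demonstration only
	row := Integration{TenantID: "acme", Type: "emass"}
	row.Sealed, _ = Seal(newGCM([32]byte{}), row, "constructed-api-key")
	fmt.Println(Redacted(row))
}
```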
Availability
| Integration | Tier Required |
|---|---|
| eMASS push | Enterprise Plus / Gov |
| eMASS bidirectional | Gov |
| CSAM push | Enterprise Plus / Gov |
| CSAM auto-submit | Gov |
| ServiceNow GRC | Enterprise Plus / Gov |
| RSA Archer | Enterprise Plus / Gov |
Related Features
- Evidence Engine — Generates artifacts that GRC platforms import
- POA&M Management — POA&M items are the primary data pushed to GRC systems
- Continuous Monitoring — ConMon packages feed CSAM monthly deliverables