External Integrations


ThreadFix integrates with one or more defect trackers; governance, risk and compliance (GRC) tools; scanner integrations; and web application firewalls (WAFs). All integrations listed below are included with your ThreadFix license purchase except for the Archer integration which requires a professional services engagement to tailor to the specific environment.

In ThreadFix version 2.8 and higher configuring these integrations can be done via the sidebar on the left under Integrations.

In ThreadFix prior to version 2.8 configuring these integrations can be done via the Cog menu → Integrations.

Defect Trackers

ThreadFix enables you to package vulnerabilities and push them to developers in the remediation tools and systems they are already using.

GRC Tools

ThreadFix helps you ensure your organization acts ethically correct and in accordance with its risk appetite, internal policies and external regulations through the alignment of strategy, processes, technology and people.

Scanner Integrations

ThreadFix allows users to de-duplicate, merge, and normalize vulnerabilities from market-leading scanning technologies. Integration methods include remote providers, scan agents and manual uploads.

Web Application Firewalls (WAFs)

ThreadFix lets you create virtual Web Application Firewall (WAF) rules to help block malicious traffic while vulnerabilities are being resolved.


The external integrations can be found here.