Developer portal
Integrations overview
Connect Qtangl to your existing cloud, lifecycle, and incident workflow systems.
Last updated: 2026-06-09
Integration model
Most enterprise teams run Qtangl in a hub-and-spoke model: inventory enters from cloud and lifecycle systems, findings are enriched and prioritized, then events and tickets flow out to operations systems. This keeps remediation ownership in existing tools while preserving a single risk view in Qtangl.
Supported integration surfaces
| Field | Type | Required | Description |
|---|---|---|---|
| Cloud inventory pull | AWS, Azure, GCP | No | Scheduled metadata pull for certificate and cryptographic inventory. Supports least-privilege credentials. |
| Keyfactor | CLM connector | No | Imports certificate lifecycle metadata and ownership context to improve prioritization and assignment. |
| CLM (general) | REST + file ingest | No | Brings external lifecycle status into Qtangl so remediation queues align with renewal and replacement programs. |
| Webhooks | Outbound event stream | No | Pushes signed event payloads for SIEM, SOAR, and internal event buses with retry and replay support. |
| Jira push | Ticketing workflow | No | Creates or updates remediation tickets from prioritized findings to keep security and platform teams aligned. |
Cloud pull patterns
- Use dedicated read-only service identities scoped to inventory and metadata APIs.
- Tag environments and business units upstream so findings route correctly downstream.
- Schedule pulls to precede scan windows so targeting reflects current infrastructure state.
Lifecycle and key management connectors
Keyfactor and other CLM integrations provide issuance context, owner data, and lifecycle timestamps. Qtangl uses this context to prioritize items that combine high cryptographic risk with near-term operational impact.
Outbound workflows: webhooks and Jira
Webhooks are the primary event transport for SIEM and automation consumers. Jira push is designed for teams that need queue-level accountability and SLA tracking on top of scan findings.
Continue with webhook delivery and signing and API conventions before moving to full production automation.
Found an issue? Report documentation feedback