API Extra

API Extra

Interact with other applications for advanced automation and leverage existing infrastructure.

What are SimpleRisk Extras?

SimpleRisk Core is our widely acclaimed, award winning, free and open source product that has been downloaded over 60,000 times and contains all of the basic Governance, Risk Management and Compliance (GRC) functionality needed to establish a foundational GRC program. As an organization’s GRC program matures, extended functionality is often required to meet requirements beyond what is available in the SimpleRisk Core offering.

To address these expanded needs, SimpleRisk has developed a variety of plug-and-play modules termed "Extras" that provide functionality above and beyond our SimpleRisk Core offering. These plug-and-play modules will be essential to the success of your GRC program as your organization grows and matures its processes. While all of our Extras are available in packaged bundles with both SimpleRisk On-Premise and Hosted deployment models, they can also be purchased A La Carte for those organizations that choose to deploy our platform on-premise.

Why was the API Extra created?

If you are looking for a way to integrate SimpleRisk with other applications where we don’t currently have native integration in place, the SimpleRisk RESTful API is an excellent option. The API Extra gives you the ability to create scripted interactions with other applications to gain advanced automation and leverage existing infrastructure.

How is the API Extra used?

While there are numerous examples where the API Extra can be useful, three common use cases include integration with Content Management Database Systems (CMDBs), Ticketing Systems and Business Intelligence/Reporting tools. Key benefits of these integrations include the ability to: 

  • Identify risks tied to enterprise-wide assets and create mitigation plans;
  • Synchronize risks between a ticketing system and SimpleRisk without requiring ticketing system users to log into SimpleRisk, promoting wider user adoption;
  • Leverage purpose-built BI and reporting systems to create highly customized reports for technical and business stakeholders alike.

Current native integrations provided by SimpleRisk include Rapid7 Nexpose/Insight, Tenable.io, Jira, and one of SimpleRisk’s free Extras, the ComplianceForge Secure Controls Framework. While additional integrations are on our road map, should a SimpleRisk customer have a more immediate need to integrate with a specific application, we also have the ability to perform a custom development effort to add an integration for your platform into the product. Here is a link to a blog that describes how our custom development process works.

What users would benefit from the API Extra?

Technical and business stakeholders alike can benefit from API integration, since it extends SimpleRisk functionality to automatically interact with key applications to address use cases that previously required a workaround or were inaccessible from the SimpleRisk system. In short, leveraging the API improves efficiency and increases your ROI with SimpleRisk. 

Which plans include the API Extra?

Our On-Prem Premium Package and our Hosted Large Enterprise Package provide access to the API Extra. Although our packages provide the most cost-effective way to purchase Extras, we do offer an A La Carte option if you are interested in customizing which Extras you would like to purchase.

How can I learn more about the API Extra or try it out for myself?

To learn more about the API Extra or discuss specific use cases for how your organization could use it, feel free to schedule a demo online. If you would like to try out the API Extra functionality for yourself, we offer a free (no credit card required!) 30 day trial. Please reach out to SimpleRisk Support if you have any additional questions about the API Extra or any of the additional functionality that we offer.