New Integration: Ramp

Drata now integrates with Ramp to automatically trigger vendor security reviews from spend requests — closing the loop between procurement, finance, and compliance.

Why It Matters

When someone adds a new vendor in Ramp, the security review process typically involves manual handoffs over email, duplicate data entry across systems, and no clear visibility into when a vendor is actually cleared for purchase. For organizations with vendor due diligence requirements under SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and similar frameworks, this gap creates real compliance risk.

The Ramp integration eliminates that manual handoff entirely.

What's New

• Automatic vendor creation: When a spend request in Ramp includes a new vendor, Drata detects it and creates the vendor record automatically — no duplicate data entry required.

• Custom field mapping: Fields from the Ramp request form map directly to Drata vendor fields, so context carries through without re-entry.

• Instant security review kickoff: Drata starts a vendor security review based on your configured program settings — review type, deadline, and required fields.

Notes

• The integration triggers for new vendors only. Requests for existing vendors continue to follow your current workflow.

• Setup does not require engineering work in most environments and can be completed in under 10 minutes.

Learn more at From Spend Request to Security Approved: How Ramp and Drata Automate Vendor Reviews.