Vendor Security Reviews track the status of security reviews for Vendors. You can create a security review, upload questionnaires, and track the progress of the review. The help docs have more information.
Create a new Security Review for a given Vendor.
🔒 Requires Vendors: Create Security Review permission.
Created
Malformed data and/or validation errors
Invalid Authorization
You must upgrade your plan to use this feature
You are not allowed to perform this action
Not Found
You must accept the Drata terms and conditions to use the API
Internal server error
{- "reviewDeadlineAt": "2025-07-01T16:45:55.246Z",
- "securityReviewStatus": "NOT_YET_STARTED",
- "securityReviewType": "SECURITY",
- "requestedAt": "2025-07-01T16:45:55.246Z",
- "note": "Security Review note",
- "requesterUserId": 1,
- "title": "Security Review title"
}
{- "id": 1,
- "requestedAt": "2019-08-24T14:15:22Z",
- "reviewDeadlineAt": "2019-08-24T14:15:22Z",
- "decision": "APPROVED",
- "note": "string",
- "status": "NOT_YET_STARTED",
- "type": "SECURITY",
- "userId": 0,
- "requesterUserId": 0,
- "user": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "requesterUser": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}
}
Get a specific Security Review for a given Vendor.
🔒 Requires Vendors: List Vendors permission.
Successful
Malformed data and/or validation errors
Invalid Authorization
You must upgrade your plan to use this feature
You are not allowed to perform this action
Not Found
You must accept the Drata terms and conditions to use the API
Internal server error
{- "id": 1,
- "requestedAt": "2019-08-24T14:15:22Z",
- "reviewDeadlineAt": "2019-08-24T14:15:22Z",
- "decision": "APPROVED",
- "note": "string",
- "status": "NOT_YET_STARTED",
- "type": "SECURITY",
- "userId": 0,
- "requesterUserId": 0,
- "user": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "requesterUser": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}
}