Security awareness data shouldn't live on an island. ScamDrill feeds your SIEM and workflows through signed webhooks, onboards your people from the directory you already maintain, and exports everything your GRC tooling wants.
Subscribe your endpoints to simulation and training events — clicks, reports, completions, membership changes — and react in your own systems the moment they happen.
Every delivery carries a signature computed with your endpoint's secret, so your receiver can verify each payload genuinely came from ScamDrill before acting on it.
Transient failures are retried automatically with exponential backoff. Endpoints that keep failing are disabled rather than hammered, and you can re-enable from the dashboard.
Point deliveries at your SIEM's HTTP collector to correlate simulation clicks with the rest of your security telemetry — no polling, no CSV shuffling.
Organization API keys are created and revoked from your dashboard — scoped to your org, nothing else.
Generate keys from your organization settings for programmatic access to your org's training and simulation data. Revoke any key instantly.
Completion records, campaign outcomes, and progress trends export from the dashboard — the artifacts audits, cyber-insurance questionnaires, and board decks ask for.
Run ScamDrill's compliance training through your existing LMS via API integration, keeping completion tracking where your L&D team already lives.
However your org manages people, getting them into ScamDrill is a non-event.
Upload a roster or invite by email, organized into departments for targeting and comparison. The path of least resistance for smaller teams.
Sync members from Okta, Azure AD, or Google Workspace so joiners get enrolled and leavers stop receiving drills — without anyone maintaining a spreadsheet.
Single sign-on via SAML 2.0 or OIDC plus SCIM 2.0 user lifecycle management. Available as an add-on on Business and Enterprise plans; included on Max.
Webhook signing, tenant isolation, encryption, and our compliance roadmap are documented plainly on the security & trust page — including what's in place today versus what's planned. Send us your questionnaire via the contact page and we'll turn it around quickly.
Each delivery includes an HMAC-SHA256 signature over the payload, computed with the secret shown when you create the endpoint. Recompute the signature on your side and compare before processing — standard webhook verification, no surprises.
Failed deliveries are retried with exponential backoff. If an endpoint keeps failing, it's automatically disabled so we don't hammer a dead receiver — re-enable it from the dashboard once it's healthy and new events flow again.
Both live in your organization dashboard's settings — create, rotate, and revoke without contacting support. Admin access required.
Webhooks, API keys, CSV onboarding, and exports are organization-plan features; SSO and SCIM are available as an add-on on Business and Enterprise and included on Max. Current plans and pricing are published on the organizations page.
Self-serve signup, published pricing, and a 30-day trial — long enough to stand up webhooks and see real events flow.