integrations

We meet you in the tools you already pay for.
Not the other way around.

GitHub gets the fix PR. Slack gets the alert. Linear or Jira gets the issue. Stripe runs the meter. That's the whole list — we'd rather ship five integrations that work than thirty that don't.

GitHubsource + remediation
in build

Auto-open fix PRs against the offending repo. The agent that confirmed the exploit also writes the patch and opens the PR — assigned to the file owner, labeled with severity and the finding id.

  • GitHub App install per org, no PAT scraping
  • fix PRs auto-opened on the default branch with a reproducible PoC
  • CODEOWNERS-aware reviewer routing
  • closes the finding when the PR merges; reopens if the regression returns
// status: app published, fix-PR writer in QA
Slackalerting
designed

One channel, one row per confirmed finding. No noise — info-level findings stay in the dashboard. High/critical pings on-call directly.

  • per-project channel routing
  • severity-aware mentions (on-call group for crit, channel for high)
  • inline "ack" + "dispute" actions
  • daily digest of medium findings to keep the channel scannable
// status: slack manifest ready, oauth flow stubbed
Linearissue tracking
designed

Confirmed findings sync as Linear issues in the project of your choice. The PoC, the captured session, the suggested patch — all inline. Status changes round-trip.

  • one Linear team per Brink project
  • severity → priority mapping you control
  • two-way sync: closing the Linear issue closes the finding
  • preserves the BRK-XXXX id in the issue title for easy cross-referencing
// status: schema mapped, webhook receiver pending
Jiraissue tracking
designed

For the teams that have to use Jira. Same model as Linear — confirmed findings as issues, sync goes both ways, severity becomes priority on a mapping you control.

  • project + issue-type routing per Brink project
  • custom-field mapping (PoC URL, repro curl, agent class)
  • cloud + data-center support
  • preserves BRK-XXXX in the summary for ctrl-f
// status: oauth + atlassian-connect descriptor drafted
Stripebilling
live

Confirmed-exploit pricing means metering happens on the validator passing — not on token spend. Stripe is the meter, and the customer portal is the source of truth for invoices.

  • usage events emitted as findings reach `confirmed` status
  • monthly caps enforced server-side, killable mid-cycle
  • self-serve dispute → automatic credit
  • customer portal for invoice + payment-method changes
// status: subscription + metered usage live in staging
next in line
// we build what production customers ask for, in the order they ask
PagerDuty
For teams that already route on-call through PD instead of Slack groups.
GitLab
Mirror of the GitHub app — fix MRs against GitLab projects.
Okta / Entra SSO
SAML/SCIM for enterprise. Currently OIDC via Better Auth for everyone.
SIEM webhook (Splunk / Datadog / generic)
Stream finding + run events into your security data lake.
the contract

What every integration agrees to.

Findings, not noise.

Integrations only fire on confirmed exploits. Info-level findings stay in the dashboard. No "consider reviewing", no severity inflation.

// validated → notified
Round-trip state.

Closing the issue/PR closes the finding. Reopening reopens it. The dashboard is not a separate ledger you have to remember to update.

// one source of truth
Scoped credentials.

Every integration uses an org-scoped app or OAuth grant. No PATs in env vars, no shared service accounts. Revoke at the source and Brink stops.

// least-privilege, always
missing your stack
Tell us what you'd plug us into and we'll either ship it or tell you why it's not worth it.