Integrations

We ask for read-only access.
Nothing more.

To prove what's truly exploitable, TrueBreach needs context across your cloud, code, and hosts. During onboarding we request least-privilege, read-only connections - here's exactly what we ask for, and why.

CLOUD · AWS / AZURE / GCP

Cloud configuration

Available now

What we request

A read-only IAM role (e.g. AWS SecurityAudit / ViewOnlyAccess) - security groups, load-balancer & WAF rules, public IPs, S3/bucket exposure, and network config.

Why we need it

To know what is actually exposed to the internet - so a vulnerable endpoint behind a closed security group is correctly suppressed, and an open one is flagged.

✓ read-only   ✓ no write/modify permissions   ✓ revocable any time

CODE · GITHUB

Source code

Available now

What we request

A read-only GitHub App scoped to the repos in scope - code contents and metadata only. No write, no admin, no actions permissions.

Why we need it

To map a vulnerable route or misconfiguration to the exact service that serves it - turning a guess into a provable, reachable exploit chain.

✓ read-only   ✓ scoped to in-scope repos   ✓ revocable any time

HOSTS · CROWDSTRIKE RTR

Live host state

Available now

What we request

A read-only CrowdStrike API key for Real Time Response - to read listening ports, running processes, and service-to-port mappings through your existing, trusted EDR.

Why we need it

To confirm a service is genuinely running and reachable on the box - the link that separates a theoretical finding from a real one. We use your EDR, never our own agent.

✓ read-only commands only   ✓ via your existing EDR   ✓ every command audited

HOSTS · MDM

Intune · Jamf · Tanium & more

Coming soon

Don't run CrowdStrike? We're building read-only host visibility through the command APIs of major MDM/UEM platforms - so you get the same live-state confirmation through whatever you already operate. Tell us what you use →

Our access principle

Least privilege, always read-only, fully revocable.

TrueBreach never requests write, modify, or destructive permissions to your infrastructure. Every connection is scoped to what's needed to prove exploitability, logged immutably, and can be revoked by you at any moment. See our security & data handling.

Request a breach test →