Skip to content

Automate

If the platform can do it, your scripts can too. Automate covers every programmable surface Escape exposes: the public API, the CLI, the MCP Server, workflow triggers and actions, CI/CD integrations, notifications, ticketing, and scan scheduling. The guiding idea is that security automation should feel like engineering, not operations.

What's Here

  • Public API: the full REST surface Escape exposes for programmatic control of scans, assets, issues, and workflows.
  • CLI: run scans, manage assets, and script everything from your terminal or CI.
  • MCP Server: the Model Context Protocol server that turns Escape into a first-class tool for AI coding assistants.
  • Workflows: triggers, conditions, actions, and throttling to route findings and react to events.
  • CI/CD: run scans on every merge or release across GitHub Actions, GitLab CI, Bitbucket Pipelines, CircleCI, Jenkins, Azure DevOps, Travis, Harness, and Bamboo.
  • Notifications and Ticketing: Slack, Teams, Discord, Jira, email.
  • Scan Scheduling: CRON-based scheduling for automated coverage.
  • Custom Integrations: generic webhooks and the public API for anything we don't ship natively.

Why It Matters

The difference between a security platform and security infrastructure is whether it composes. Automate is the pillar that makes Escape compose: every action a user can take in the UI has an API and CLI counterpart, every event that fires in the platform can drive a workflow, and every finding can be routed to the system that owns the fix.