ceven

Conveyor

Automates the collection of security evidence and the drafting of security questionnaires by linking your trust center to your internal documentation and product lines.

Try Conveyor in Ceven

Ask Ceven anything
Standard

Why use Ceven?

  1. AI native Conveyor integration

    • Describe the outcome and Ceven picks the right Conveyor calls, fills the parameters, and checks the result.
    • Structured, agent friendly tool schemas so each call runs reliably instead of by guesswork.
    • Rich coverage for reading, writing, and querying your Conveyor data, across all 25 of its actions.

  2. Managed auth

    • Built in OAuth with automatic token refresh and rotation.
    • One place to manage, scope, and revoke Conveyor access.
    • Per user and per environment credentials instead of shared keys.

  3. Agent optimized design

    • Actions are tuned from real success and error rates so reliability climbs over time.
    • Full execution logs so you always know what ran in Conveyor, when, and on whose behalf.
    • The agent pauses and asks when Conveyor is unclear instead of plowing ahead.

  4. Enterprise grade security

    • Fine grained access so you control which agents and people can reach Conveyor.
    • Least privilege by default, read scopes first and only the writes a workflow needs.
    • A full audit trail of every Conveyor action to support review and sign off.

Supported tools

Every action Ceven's agents can run on Conveyor, and when to use it.

Submit question
Use this when you need an immediate AI generated answer for a specific product line question from the knowledge base.
Upload document
Push a new security certificate or policy file up to 100MB into the platform.
Create authorization
Use this to grant a specific user or email access to the trust center based on a request.
Patch authorization
Update access groups or revoke a user authorization to maintain strict security boundaries.
Create folder
Organize security documents into a new folder to keep evidence separated by audit type.
Patch document
Modify metadata or attributes of an existing security document by its ID.
Get knowledge base questions
Pull all stored questions and answers to audit the current state of your security knowledge base.
Get authorization requests
List all pending or completed requests for trust center access, optionally filtered by status.
Get document
Retrieve a specific security document by ID to verify its current version or status.
Get all connections
Pull a complete list of all active tool connections integrated with your Conveyor account.
Delete document
Remove a specific document by ID when it is no longer valid or required for compliance.
Get product lines
Fetch all configured product lines to ensure questions are mapped to the correct offering.
Delete a Conveyor document
Tool to delete a specific document. Use when you need to remove a document by its ID.
Delete folder
Tool to delete a folder by its ID. Use when you need to remove a specific folder after confirming its ID.
Generate/Validate API Token Guidance
Tool to validate API token and provide guidance. Conveyor does not support API based token creation; tokens must be created in the Conveyor UI. This action performs a real API call (using the provided metadata) to validate the existing API
Get Authorization Request
Tool to fetch details of a specific authorization request. Use when you need to retrieve metadata by authorization_request_id.
Get all authorization requests
Tool to retrieve all authorization requests. Use when you need to list all authorizations; optionally filter by status. Use after authenticating with a valid API token.
Get all Conveyor connections
Tool to retrieve all connections. Use when you need to fetch the complete list of your Conveyor connections. Use after authenticating with a valid API key.
Get all Conveyor documents
Tool to retrieve all documents. Use after authenticating with a valid API key.
Get all Conveyor folders
Tool to retrieve all folders. Use after authenticating with a valid API key to fetch the complete list of your Conveyor folders.
Get interactions by document ID
Tool to fetch interactions associated with a specific document. Use when you need to list all interactions for a given document after validating its existence.
Patch Conveyor document
Tool to update document attributes. Use when you need to modify fields of an existing document by its ID.
Create new authorization
Tool to create a new authorization. Use when you need to grant access by email or from a prior authorization request.
Upload new document
Tool to upload a new document. Use when you have a local file (<=100MB) to send to Conveyor.
Create new folder
Tool to create a new folder in Conveyor Exchange. Use when you need to organize items into folders programmatically after obtaining an API key.
Submit single question
Tool to submit a single question. Use when you need an immediate AI generated answer for a specific product line question.

26 actions · scroll to see them all

Frequently asked questions

Ceven acts as a secure conduit between your local files and the Conveyor API. When you trigger an upload, the agent streams the file directly to Conveyor using encrypted transit. Ceven does not store a permanent copy of your security certificates or internal policies on its own servers. Once the API returns a success code from Conveyor, the temporary buffer is cleared. Access to these actions can be restricted to specific admin roles within your Ceven workspace to ensure only authorized personnel can push new evidence into your trust center, maintaining a clean audit trail for your compliance officers.
Yes, you can build a workflow where Ceven monitors for new authorization requests and approves them based on specific criteria. For example, you can set a rule to auto approve any request coming from a verified corporate email domain that matches a known lead in your CRM. For all other requests, the agent can flag them for manual review and send a notification to your security team via Slack. This allows you to scale your trust center access without manually clicking approve for every single prospective customer while still maintaining a gate for unknown entities.
Conveyor imposes a strict limit of 100MB per file for document uploads via the API. If the agent attempts to upload a file larger than this, the API will return an error and the workflow will fail. For very large files such as massive audit reports or raw log dumps, we recommend hosting the file in a secure cloud bucket and providing a signed link or splitting the document into smaller logical parts before using the upload action. The agent can be configured to check file size before attempting the upload to provide a cleaner error message.
When you use the submit question action, Ceven sends the query to Conveyor, which then searches your established knowledge base and product lines. Conveyor uses its internal AI to synthesize an answer based on your previously approved security documentation. The agent can then take that draft and either post it directly into a questionnaire or send it to a human for a final sign off. This ensures that the answers provided to customers are consistent with your official security posture and based on the most recent evidence you have uploaded to the platform.
No, this is a specific limitation of the Conveyor platform. Conveyor does not support the creation or rotation of API tokens through their API for security reasons. Tokens must be manually generated within the Conveyor user interface by an administrator. Once you have created the token in the UI, you provide it to Ceven to authenticate the connection. While the agent can validate if a token is still active and provide guidance on its status, it cannot programmatically mint new keys or reset passwords for your Conveyor account.
Absolutely. The agent can create folders and move documents into them programmatically. A common workflow is to have the agent create a folder for the current calendar year and a subfolder for each specific audit, such as SOC 2 or HIPAA. As new evidence is uploaded, the agent can automatically route the file to the correct folder based on the file name or metadata. This prevents your trust center from becoming a flat list of files and makes it much easier for auditors to navigate your evidence during a review period.
Ceven can pull your full list of product lines and use that context to route questions. If your company sells three different software products with different security profiles, the agent identifies which product line the question refers to before submitting it to the knowledge base. This ensures that a customer asking about the security of your API platform gets a different answer than a customer asking about your mobile app. You can build logic into your workflow to prompt the user for the product line if the incoming request is ambiguous.
Yes, you can configure a polling workflow or use a webhook if available to have Ceven check for new authorization requests at set intervals. When a new request is detected, the agent can extract the requester email and company name and push that data into your communication tools. This removes the need for your security team to log into the Conveyor dashboard multiple times a day to check for new leads, effectively turning your trust center into a lead generation signal for your sales and security teams.

Alternatives to Conveyor

Other tools that solve a similar problem. Ceven supports these too, so you can switch or run more than one at once.

Vanta logoVantaDrata logoDrataSafeBase logoSafeBase

Try Ceven on your stack

Plug Ceven on top of the tools you already run. Connect Conveyor and the rest of your stack, describe the outcome, and its agents handle the work end to end, days of it in minutes.

Get started for free