Xray Integration with Lightstep

JFrog Integrations Documentation


The JFrog Xray Lightstep integration provides a way to manage incident response for security and license compliance issues. With this integration organizations can combine JFrog Xray application security code scanning with Lightstep’s intelligent incident response and management capabilities, to identify compliance and security issues earlier in their DevOps pipeline and engage the necessary teams for timely response and remediation.

To see a video of this example, click here


If you need help with this integration, please contact support@jfrog.com

How It Works

JFrog Xray violations are sent via a webhook into Lightstep where they surface as incidents and alerts. Once in Lightstep, they can be managed through Lightstep’s incident lifecycle management tools.


Each incident/alert from Xray includes metadata about the vulnerability or license issue. From Lightstep, a response administrator can assign these incidents to dedicated SRE teams, set up automated actions, prioritize and acknowledge incoming issues and compose notes, or even collaborate with other teams to accelerate the remediation.