The JFrog Xray integration is available from within the Lightstep console: Select Integrations from the Lightstep console’s navigation pane. Click the JFrog Xray integrations card Fill out the details in the form to enable the integration.
You’ll then need to create a webhook endpoint in Lightstep for JFrog Xray to send automated real-time messages and information to Lightstep Incident Response. When you click Generate Webook, Lightstep will create a webhook URL for the secure endpoint. You can then use this webhook URL to configure the webhook in JFrog Xray. Once Lightstep and Xray are connected in this way, you can create security and license policies in JFrog Xray. You can specify rules for Xray to look for the specific CVEs, severity level, or other criteria that you care most about. In your policies, you can specify an automatic action to trigger the Lightstep webhook through the JFrog Platform event service when Xray discovers that policy has been violated, and send a violation event message to Lightstep.
Need More Information?
To see how to create Xray policies and watches, see the video How to create Xray Policies and Watches. Everything is now ready for you to manage and remediate your Xray policy violations through Lightstep!