Versions Compared

Old Version 35

changes.mady.by.user Tsur Rothfeld

Saved on

compared with

New Version Current

changes.mady.by.user Lena Kleyner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents

General Information

JFrog Xray works with JFrog Artifactory to perform universal analysis of binary software components at any stage of the application lifecycle. 

The WhiteSource Mend Xray integration is a vulnerability feed that can be easily integrated with your Xray account.

In order to integrate WhiteSource Mend with JFrog Xray, simply add your WhitesSource organization API key to your Xray configuration.

Info

Your organization API key is available on the Integrate tab of your WhiteSource Mend account, under Integration.

Setting Up the

...

Mend Integration

  1. Login to JFrog Xray with administrator permissions. From the main menu, select Admin > Configuration > Integrations.

  2. The integration pop-up window appears. Select the WhiteSource Mend icon from the integration list, and enter the WhiteSource Mend API key in the API Token field.

    Image RemovedImage Added


    The test URL is https://saas.whitesourcesoftwareMendsoftware.com/xray/api/checkauth or in Azure EU https://app-eu.whitesourcesoftwareMendsoftware.com/xray/api/checkauth

...

Once integrated, Xray starts pulling data from WhiteSource Mend based on your watches (rules).

WhiteSource Mend provides all relevant information about security vulnerabilities (severity, impacted versions and actionable remediation suggestions), and known severe software bugs for each of the displayed open source components. To view vulnerabilities: 

  1. Go to the Security tab of a specific package as displayed in the following screenshot:

    Image RemovedImage Added

  2. Select a specific component in order to view details on the security vulnerability.

    Image RemovedImage Added