Integrate JFrog Xray with Vulnetix. Use the JFrog CLI jf audit command to scan your project dependencies and export results as JSON or SARIF for upload to Vulnetix.
SaaS platformJSONSARIFCycloneDXSPDX
Run JFrog Xray in CI
Scan on every push and upload the results to Vulnetix:
- name: Install JFrog CLI
run: curl -fL https://install-cli.jfrog.io | sh
- name: Configure JFrog CLI
env:
JFROG_TOKEN: ${{ secrets.JFROG_TOKEN }}
JFROG_URL: ${{ secrets.JFROG_URL }}
run: jf config add ci --url "$JFROG_URL" --access-token "$JFROG_TOKEN" --interactive=false
- name: Run Xray audit
run: jf audit --format json > xray-audit.json
- name: Upload to Vulnetix
run: vulnetix upload --file xray-audit.json
Centralise JFrog Xray results in Vulnetix
Upload JFrog Xray JSON, SARIF, CycloneDX, SPDX output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.