Sprinto Dashboard

DeepSource Integration

DeepSource is a code monitoring service designed for developers to automatically find and fix code quality issues, security vulnerabilities, and performance inefficiencies in their codebase.

How does this integration help Sprinto

The integration below assists Sprinto in meeting compliance requirements concerning vulnerability monitoring on production classified code repositories. Sprinto detects vulnerabilities from your configured DeepSource account and ensures they are resolved within the defined SLA (Service Level Agreement) with the assistance of Sprinto's checks.

Sprinto checks for DeepSource integration

Following are the Sprinto checks available for DeepSource integration:

Sprinto check
Required action

DeepSource vulnerability alert should be resolved within SLA

This check activates when Sprinto detects a vulnerability in the open status on your configured DeepSource account.

To fix this check, resolve the detected vulnerability from the source.

Before your begin

  • Ensure you have “Admin” access on the DeepSource account you wish to integrate on Sprinto.

  • Log in on Sprinto as administrator.

Integrate Sprinto with DeepSource

Follow the below steps to integrate Sprinto with DeepSource:

  1. Get the API key from the DeepSource account.

  • Log in to DeepSource account using your credentials or available Single Sign-On (SSO) options.

  • Go to Settings > Tokens, and click Generate a New Token.

  • Enter the token name and set the expiry. We recommend setting the token expiration to “Never expire.” Click Generate.

  • Copy the generated token and save it securely. We will need this token on Sprinto to build integration.

  1. Integrate DeepSource on Sprinto.

  • Go to Security Hub > Settings > Integrations > Available, and click Connect next to DeepSource.

  • Read the on-screen instructions, and click Next.

  • Enter the API token copied from Step 1, and click Connect.

  1. Add DeepSource as a vulnerability monitoring source.

  • Go to Security Hub > Vulnerabilities > Overview, and click + Add Monitoring Source.

  • On Add Vulnerability monitoring source page, click Choose next to DeepSource.

  • Click Add DeepSource from the configuration page.

After completing Step 2, allow 15 to 20 minutes for Sprinto to finish the data syncing process. Sprinto may take a few hours to evaluate the synced data and activate relevant Sprinto checks. If needed, go to Security Hub > Vulnerabilities and click DeepSource to review the pending Sprinto checks.

Contact Sprinto support if you have any queries regarding the integration or need any assistance

PreviousDatadog IntegrationNextDigitalOcean Integration

Last updated