> For the complete documentation index, see [llms.txt](https://docs.sprinto.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.sprinto.com/integrations/overview/slscan-integration.md).
# SLScan Integration
The following guide helps you integrate and configure SLScan with Sprinto for vulnerability monitoring. You can also configure SLScan with code-hosting platforms like AWS CodeCommit, Azure DevOps, Bitbucket, and GitLab. Based on your SLScan use case, you can use the configuration procedure below.
### How does this integration help
Sprinto check: Dependency vulnerability scanner SLScan should be running
* Vulnerability monitoring: The integration enhances your ability to monitor vulnerabilities detected by SLScan from your configured code hosting service. Resolving these vulnerabilities within the stipulated SLA is essential to meeting data security compliance requirements. Sprinto facilitates this process by assigning relevant Sprinto checks for open vulnerabilities and notifying designated stakeholders to take the necessary actions to address and resolve them.
### Integrate SLScan on Sprinto
Follow the below applicable procedure to configure SLScan based on your use case:
### Before you begin
* Log in to the Sprinto admin portal.
* Ensure you have admin access on the cloud service provider you wish to deploy SLScan.
* Ensure you have admin access to the SLScan account to perform the integration.
### Vulnerability monitoring SLScan with AWS CodeCommit
1. Create a new AWS Role to configure SLScan on AWS.
* Log in to the AWS Console using your credentials.
* Navigate to the IAM service, then select Roles under Access Management.
* Click Create role to create a new role.
* Select the AWS account from the Select Trust Entities section.
* Select the Another AWS account option, and enter the Account ID as 001360870653.
* Select the checkbox next to the Require external ID option and enter the External ID as ImF3c2NjLTMzN2MyODZiLTRmYTgtNDQ4ZS04NTg1LTM3MDVlNDU2ZGMyNy01Ig==.
* Do not select the Require MFA option.
* Click Next to proceed further.
* Select the following policies, then click Next.
* AWSCodeCommitReadOnly
* IAMReadOnlyAccess
* Enter the role name and the description. Optionally, if required, you can add tags to the role.\
**- Role name**: sprinto-codecommit-role
* Click Create role.
2. Copy the newly created roles ARNs.
* Select the role you have created in the previous step. Use the search bar for quick navigation.
* Copy the ARN and save it securely. We will need this detail on Sprinto.
3. Configure SLSacn for AWS CodeCommit.
* Go to Data Library > Vulnerabilities > Overview, and click Add monitoring source.
* Click Choose next to SLScan.
* Click Connect AWS CodeCommit to configure SLScan for AWS CodeCommit.
* Click Connect AWS CodeCommit.
* Select the acknowledgment checkbox, and click Let’s connect the AWS account.
* Enter the ARN you copied from Step 1, and select your AWS account region.
* Click Connect AWS CodeCommit.
4. Configure SLScan for CodeCommit.
* From the[ Vulnerabilities Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page, click Add monitoring source.
* Click Choose next SLScan.
* Click Choose next to Configure SLScan for CodeCommit.
* Click Add SLScan for AWS CodeCommit.
5. Configure repos for vulnerability monitoring.
* From the[ Vulnerability Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page, select SLScan from the left-side navigation bar.
* Click Manage SLScan.
* The monitored code repositories are listed next to CodeCommit. If you don’t see any repos listed, click View to navigate to the Change mgmt section for repo classification.
Note: Vulnerabilities are monitored for all the “Production” classified code repositories.
#### Configure SLScan for Azure DevOps
1. Integrate SLScan for Azure DevOps.
* Go to Data Library > Vulnerabilities > Overview, and click Add monitoring source.
* Click Choose next SLScan.
* Click Connect Azure DevOps.
* Click Connect from the integration page.
* Log in to your Microsoft account using your credentials.
* Follow the on-screen instructions to grant Sprinto the necessary permissions.
2. Add SLScan as a vulnerability source.
* Come back to the[ Vulnerability Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page and click Add monitoring source.
* Click Choose next to SLScan.
* Click Choose next to Configure Azure DevOps.
* Click Add SLScan for Azure DevOps.
3. Configure repos for vulnerability monitoring.
* From the[ Vulnerability Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page, select SLScan from the left-side navigation bar.
* Click Manage SLScan.
* The monitored code repositories are listed next to DevOps. If you don’t see any repos listed, click View to navigate to the Change mgmt section for repo classification.
Note: All “Production” classified code repositories are monitored for vulnerabilities.
#### Configure SLScan for Bitbucket
Note: Ensure you’ve integrated and configured Bitbucket as a change management system. For detailed instructions, refer to[ the Bitbucket integration guide](https://sprinto.freshdesk.com/en/support/solutions/articles/72000594655-how-to-integrate-sprinto-with-bitbucket).
1. Integrate SLScan for Bitbucket.
* Go to Data Library > Vulnerabilities > Overview, and click Add monitoring source.
* Click Choose next SLScan.
* Click Connect Bitbucket.
* Click Connect from the integration page.
* Log in to your Bitbucket account using your credentials.
* Follow the on-screen instructions to grant Sprinto the necessary permissions.
2. Add SLScan as a vulnerability monitoring source.
* From the[ Vulnerability Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page, click Add monitoring source.
* Click Choose next to SLScan.
* Click Choose next to Configure Bitbucket.
* Click Add SLScan for BitBucket.
3. Configure the code repositories for vulnerability monitoring.
* From the[ Vulnerability Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page, select SLScan from the left-side navigation bar.
* Click Manage SLScan.
* The monitored code repositories are listed next to Bitbucket. If you don’t see any repos listed, click View to navigate to the Change mgmt section for repo classification.\
Note: All “Production” classified code repositories are monitored for vulnerabilities.
#### Configure SLScan for GitLab
1. Integrate SLScan for Gitlab.
* Go to Data Library > Vulnerabilities > Overview, and click Add monitoring source.
* Click Choose next to SLScan.
* Click Connect GitLab.
* Click Connect from the integration page.
* Log in to your GitLab account using your credentials.
* Follow the on-screen instructions to grant Sprinto the necessary permissions.
2. Add SLScan as a vulnerability monitoring source.
* From the[ Vulnerability Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page, click Add monitoring source.
* Click Choose Next to SLScan.
* Click Choose next to Configure GitLab.
* Click Add SLScan for GitLab.
3. Configure the code repositories for vulnerability monitoring.
* From the[ Vulnerability Overview](https://app.sprinto.com/app/admin/vulnerabilities/overview) page, select SLScan from the left-side navigation bar.
* Click Manage SLScan.
* The monitored code repositories are listed next to Gitlab. If you don’t see any repos listed, click View to navigate to the Change mgmt section for repo classification.\
Note: All “Production” classified code repositories are monitored for vulnerabilities.
Please contact [Sprinto Support](mailto:www.Support@sprinto.com) if you have any queries related to the the integration or need any assistance.
---
# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.
## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.sprinto.com/integrations/overview/slscan-integration.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
