Socket Integration
Socket is a code monitoring service designed for developers to automatically find and fix code quality issues, security vulnerabilities, and performance inefficiencies in their codebase.
How does this integration help Sprinto?
This integration helps Sprinto meet compliance requirements for vulnerability monitoring on code repositories classified as production. Sprinto detects vulnerabilities from your configured Socket account and ensures they are resolved within the defined SLA (Service Level Agreement) with the assistance of Sprinto's checks.
Sprinto checks for Socket integration
The following Sprinto checks are available for the Socket integration:
Socket vulnerability alert should be resolved within SLA
This check activates when Sprinto detects a vulnerability with an open status on your configured Socket account. To fix this check, resolve the detected vulnerability at the source.
Before you begin
Ensure you have “Admin” access on the Socket account you wish to integrate with Sprinto.
Log in to Sprinto as an administrator.
Integrate Sprinto with Socket
Follow the steps below to integrate Sprinto with Socket:
1. Get the API key from your Socket account.
   a. Log in to your Socket account using your credentials or available Single Sign-On (SSO) options.
   b. Go to Settings on the Socket Developer portal and select the API Tokens tab.
   c. Click Create API Token.
   d. Enter a token name, and select the following scopes:
      - Report: list
      - Report: read
      - Repo: list
   e. Click Confirm to save your changes.
   f. Copy the generated API token and save it securely. You will need this token in Sprinto to build the integration.
2. Integrate Socket on Sprinto.
   a. Go to Security Hub > Settings > Integrations > Available, and click Connect next to Socket.
   b. Read the on-screen instructions, and click Next.
   c. Enter the API token copied from Step 1, and click Connect.
3. Add Socket as a vulnerability monitoring source.
   a. Go to Security Hub > Vulnerabilities > Overview, and click + Add Monitoring Source.
   b. On the Add Vulnerability monitoring source page, click Choose next to Socket.
   c. On the configuration page, click Add Socket.
After completing Step 2, allow 15 to 20 minutes for Sprinto to finish the data syncing process. Sprinto may take a few hours to evaluate the synced data and activate relevant Sprinto checks. If needed, go to Security Hub > Vulnerabilities and click Socket to review the pending Sprinto checks.
If you need any assistance with the integration, kindly get in touch with Sprinto support.