• /
  • EnglishEspañol日本語한국어Português
  • Inicia sesiónComenzar ahora

FOSSA integration

The New Relic integration for FOSSA helps to support your application security initiatives by allowing you to view exploitable vulnerabilities. You can view the health and performance metrics of your applications in your New Relic dashboard as well as the open source code usage.

Additionally, you can view the overall list of vulnerabilities, view and modify their priorities, see details of each vulnerability and recommended steps to remediate them. The integration also gives you:

  • Centralized application performance and security monitoring: See FOSSA’s list of open-source vulnerabilities that may impact your code, alongside your application performance, health and other security metrics in your New Relic dashboard.
  • Improved Code Quality and developer confidence: Continue building secure applications as you add open source code (and subsequently related dependencies). This list of dependencies and vulnerabilities is continuously updated with leveraging FOSSA integration.
  • Enhanced Compliance: Demonstrate adherence to security standards and regulations by centrally managing open-source vulnerabilities.

Prerequisites

Before you begin, make sure you have the following:

Install the FOSSA integration

Obtain FOSSA API Token

  1. Log in to your FOSSA account.
  2. Navigate to Account Settings.
  3. Create a new full access API token (push-only tokens are not supported). Learn more about API tokens

Search for FOSSA integration

  1. Log in to your New Relic account and navigate to the Integrations & Agents page.
  2. Search for the FOSSA integration.
  3. Click on the FOSSA logo.

Enter FOSSA account details

  1. Enter the FOSSA API token you obtained in Step 1.
  2. Enter account name which will serve as a unique identifier for the FOSSA account you are integrating with.

Configure polling

  1. Select the desired frequency for New Relic to poll FOSSA for updates on vulnerabilities in your projects.
  2. Click Save to confirm your configuration.
  3. Once you complete the integration, click on the See summary button to see your data.

See your data

Once you complete the integration, the first polling process can take up to 10 minutes to reflect data in New Relic.

Once the first polling process completes, you can use the integration to identify FOSSA data in New Relic:

View data in Vulnerability Management

  1. Navigate to the Vulnerability Management page.

    Vulnerability management screen
  2. Click on the Vulnerabilities tab. This will display a list of all vulnerabilities discovered across your monitored applications.

  3. Utilize the filters available on the page. Locate the Source filter and select Fossa. This will filter the list to show only vulnerabilities identified by the FOSSA integration.

    Vulnerability management vulnerabilities tab

Querying vulnerability events

When New Relic processes FOSSA events, they're stored in the Vulnerability table. To query this table and view the raw data:

  1. Go to one.newrelic.com > Query your data.

  2. Enter the following query:

    FROM Vulnerability SELECT * where source = 'Fossa' since 7 days ago
Copyright © 2024 New Relic Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.