# Sysdig

SysDig is a tool used to automate vulnerability detection, streamline compliance checks, and improve security posture across the DevSecOps lifecycle.

The following are the uses of integrating JFrog artifactory with Delivery Shield:

* SysDig is integrated with SSD to monitor cloud infrastructure (e.g., AWS, GCP, Azure) for misconfigurations and policy violations.
* It helps in Vulnerability Management and scans container images to identify known vulnerabilities (CVEs) before and after deployment.

### To Integrate Sysdig:

1. Navigate to **Config** > **Integrations**.
2. In the **Artifact** panel, click **Sysdig**.

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2FoOhzb7w9ZSv0PmTKHUB6%2Fsysdig%201.png?alt=media&#x26;token=ac43b570-312d-4d6a-9383-877a8c59c0f6" alt=""><figcaption></figcaption></figure>

3. The Sysdig integration page is displayed. Click **+New Account**.
4. In the popup that appears, enter the following details:

<figure><img src="https://2047464521-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MBEa1hoX6SqpDj-ymNs%2Fuploads%2Fny1BWwq902YtMJ9MxR5W%2Fsysdig%202.png?alt=media&#x26;token=ce6da36a-38b9-48be-a5f1-31328b7d2423" alt=""><figcaption></figcaption></figure>

* **Account Name -** Enter the name of the Sysdig account.&#x20;
* **Url -** Enter the Url of the approved artifact repository from which the images are deployed.  Security issues are raised by SSD if you try to deploy images from a different repository.&#x20;
* **Token -** Enter the password to access the Sysdig account.&#x20;
* Select the **Teams** and the corresponding **Environments** from the dropdown for which you want the integration to be available. The integration will be available for the selected teams and environment only.&#x20;

  <div data-gb-custom-block data-tag="hint" data-style="info" class="hint hint-info"><p>You can select up to 5 teams for the integration to be displayed. </p></div>

  * An example is given below for reference:

  <figure><img src="https://lh7-rt.googleusercontent.com/docsz/AD_4nXeuMZQzZsZQuulVdW9B9OuffNPoEXqbcpcAkYtKVyb7YiTQxbVIt1L4Gh-zshqX2J9MFKIat8x4oWFIGxdg3j1XVagyUNhUAlD_52soyMyd1cy53p6XiYi0LsTjIBfHcybRWl61?key=D9EXoOdGF7oYOBvYaW2GnRWJ" alt=""><figcaption></figcaption></figure>

  * In the example above,&#x20;
    * if **Team 1**, **Team 2**, and **Team 3** are selected, only applications associated with these teams can access the integration. Any applications belonging to other teams, such as **Team 4**, will not have access to this account.
    * Even if the user who created this account is also an admin for **Team 4**, the integration account remains restricted and is not available for **Team 4**.&#x20;
    * Access to the account is strictly limited to the specified **Teams** and **Environments** selected during account creation.
  * **For Organization Admins:**
    * When an **Organization Admin** creates an account without selecting specific **Teams** and **Environments**, the account will be universally applicable, granting access to **all teams** and **all environments** by default.
  * **For Team Admins with Multiple Teams:**<br>
    * If a **Team Admin** who manages multiple teams creates an account without specifying particular **Teams** and **Environments**, the account will only be accessible to the teams for which the logged-in user holds admin privileges.

5. Click **Save**. The Sysdig account gets added.&#x20;
6. You can edit the entered values by clicking the three dots provided at the end of each added account. Click **Edit**.
7. Enter the new values and click **Update**.&#x20;

The new values get updated.&#x20;

<br>