JFrog

Akto scanning results can be seamlessly uploaded into JFrog as evidence artifacts, enabling security validation to travel with every stage of the software lifecycle. Whether it’s a package, a build, or a release bundle, Akto results can be attached as evidence, ensuring that vulnerabilities and compliance checks are transparently tied to the exact artifact version being shipped. This integration provides traceability, strengthens audit readiness, and embeds agentic AI security insights directly into the DevSecOps pipeline.

🔧 Steps to upload Akto results as Evidence on JFrog

Pre-requisites

1. JFrog package/build info: It can be

   1. package version, package name and package repo name

   2. build name, build number

2. JFrog key details

   1. key alias

   2. private key file (.pem)

3. X-API-KEY : Your Akto API Key that you can get from Settings > Integrations > Akto API

   

2. Run the following script -

3. Check the output

• You should see 2 files

  • testing_results.json

  • testing_results.md

• Successful bash output looks like the following -

4. Run the following command to upload evidence -

📥 What Data Gets Sent

• AI Red Teaming findings: Vulnerable findings only along with

  • Vulnerability details

  • Agentic Collection name + path

  • sample payload

  • severity details

✅ Verifying in JFrog

To verify evidence got uploaded:

1. Go to Package or Build name in your JFrog dashboard.

2. Go to Evidence tab

3. Look for Akto evidence

Get Support for your Akto setup

There are multiple ways to request support from Akto. We are 24X7 available on the following:

1. In-app intercom support. Message us with your query on intercom in Akto dashboard and someone will reply.

2. Join our discord channel for community support.

3. Contact help@akto.io for email support.