Atlassian’s Jira is an extremely popular platform for managing not only product development but workloads of different kinds within an organisation.
Organisations that use Jira for product development will have likely had past experiences raising, managing, and working on issues that stem from the result of a security assessment (that could be from penetration testing, red teaming, internal audits, or a simple vulnerability scan).
The process of ingesting these into Jira can be cumbersome especially in situations where a PDF document is provided as the sole output of an assessment.
Where CovertSwarm’s integration for Jira can help you
Enhance your workflow
From the Offensive Operations Centre (OOC) any of the accumulated vulnerability data can be seamlessly linked to Jira issues. You can create these issues from vulnerabilities in bulk or one-by-one.
Manage vulnerability linking to Jira individually or in bulk
From within Jira itself you can see a high-level view of the issues (what they are, their severity, etc.) and link back to the OOC to see the results in more detail. This provides a bit more context without diluting the core information within a Jira issue, and without the need to provide access to multiple users to all of the data within the OOC.
View core details through Jira directly, or click through to the OOC
Developers can manage the vulnerability status within the OOC without themselves having an account through the use of the JIRA integration. Changing a status to ‘QA’, for example, will adjust the vulnerability (or many vulnerabilities, if linked) to the ‘Review’ status within the OOC. Similarly, vulnerabilities can be resolved when setting a resolution status in Jira.
How it all works
Due to the complexities and the vast number of customisable options within Jira, we’ve provided an option to configure the mapping of multiple statuses from the OOC’s vulnerability statuses to those that are configured for your Jira projects.
When creating a new issue from the OOC you’ll have a plethora of options that you can quickly select to start the issue workflow in Jira. These include the ability to:
Choose between different projects
Select a project from your Jira workspace to interact with
Optionally nest issues under an Epic
Optionally select an Epic to nest linked issues
Select a specific Issue type
Choose an issue type from any configured types
Optionally select an assignee
Select an optional assignee
Quickly customise the Summary and Description
Pre-templated text is generated for your new issue(s), which is fully customisable
This will allow for a more fine-tuned experience where you may have completely custom workflows configured within Jira.