Jira Integration
You can connect the Platform with a Jira instance, enabling you to raise tickets within your Jira environment straight from the Platform. This ensures that issue data in the Platform and your Jira environment remain synchronised.
Once a Jira ticket is moved to ‘Done’, the status for the corresponding issue in the Platform will be automatically marked as Remediated. This process eliminates the need to update the status of an issue in two places.
Integration Overview
The Platform’s integration with Jira utilises Jira’s public API to create and track the status of exported issues in Jira.
Warning! The platform supports the Jira Cloud API v3 only. Any clients with locally installed versions currently only support v2 of this API. This is due to end by 2024 (https://developer.atlassian.com/developer-guide/moving-from-server-to-cloud-for-developers/ ) and will therefore not be supported by the platform for support, compatibility, and security reasons.
Operation
The Platform & Jira integration is based on a push/pull operation whereby the Platform initiates a connection to Jira to either send data (push) or to retrieve data (pull).
An example of sending (pushing) data is when the platform exports an issue to Jira.
An example of retrieving (pulling) data is when the platform queries Jira for the status of an already-exported issue
Important! Jira does not initiate any communications to the Platform. Any communication between the Platform and Jira is only ever initiated by the Platform
During the export of an issue from the Platform to Jira, the Platform will retrieve the unique Issue ID and Issue URL that is assigned by Jira (once the issue has been created)
The Platform will associate the Jira Issue ID and URL with the corresponding issue stored in the Platform. This allows the Platform to ‘track’ the corresponding Jira Issue by periodically querying Jira for any status change(s),
When the status of Jira Issue changes to a completed state, such as “DONE” or “RESOLVED”, this change will be detected by the Platform during the next periodic status check.
Once a tracked Jira Issue has changed to a completed state, and the Platform has detected this change, the status of the corresponding issue in the Platform will be changed to Remediated.
Please Note: When a Jira Issue is changed to a completed state, this status change is not immediately updated in the Platform - the Platform queries Jira every 15 minutes to check for status changes across all tracked issues.
Set Up
Step 1: Navigate to Connected Accounts on the Menu.
Step 2: Click on ‘Configuration’ under Jira.
Step 3: The platform will ask you for the host URL to your Jira subscription, e.g. https://company.atlassian.net/
Step 4: Enter your username. This will normally be an email address associated with your Atlassian account.
Step 5: Enter your API key. To do this, you can select the tooltip and click ‘Click Here’ to generate the key.
The link will take you to the page for creating an API token (https://id.atlassian.com/manage-profile/security/api-tokens). Click ‘Create API token’, copy it, and paste it into the API key field shown above.
Step 6: Click ‘Save’.
Once the connection is confirmed, the platform will ask you to correlate the platform’s threat levels with your current priority settings within Jira. This will enable the platform and Jira to apply the appropriate priority and urgency to the reporting of issues.
Export an Issue to Jira
You can export issues from the platform to your JIRA project board from the following interfaces of the platform:
Phase view
Individual issue view
You can export issues individually or in bulk.
Export a Single Issue
Step 1: Navigate to Results on the Menu, and then Issues.
Step 2: Click on the three-dots menu to the right-hand side of the issue you would like to export.
Step 3: Select ‘Export to Jira’.
Step 4: Confirm the Project and what type of issue it should be reported as, and then click ‘Export’.
The issue is then sent to the associated backlog list for the selected Project.
You will see the following information within Jira for the exported issue:
Link to the platform issue
Finding Title
Summary
Technical Details
Recommendation
Priority levels (assigned at setup by the user)
Platform labels for ease of tracking
Reporter details
Export Issues in Bulk
You can export issues in bulk in two ways.
Checkbox individual issues
Step 1: Navigate to Results on the Menu, and then Issues.
Step 2: Select multiple issues using the checkboxes on the left-hand side.
Step 3: Click ‘Actions’ in the top right-hand corner.
Step 4: Select ‘Export to Jira’.
This will export the selected issues to your requested Jiraproject board.
2. Export full phase list of issues
Step 1: Navigate to Results on the Menu, and then Phases.
Step 2: Select the Phase containing the issues you would like to export.
Step 3: Click ‘Actions’ in the top right-hand corner.
Step 4: Select ‘Export’.
Step 5: Click ‘Export’, and then ‘Jira’.
You can then see which issues have been exported to Jira:
Jira Issue Status
The platform provides you with near real-time updates of the progress of each issue that has been exported to Jira. You can find a Jira Ticket dialog to the top right-hand corner of the corresponding Issue interface in the platform, which displays the current status of the Jira ticket.
The platform will track your Jira tickets progress and automatically mark an issue as remediated when the Resolution date and status of the ticket id set to Done.
Regress Issues
You can regress items via Jira if the vulnerability status is ‘unverified remediation’.
This means, if issues have been marked as ‘done/resolved’ within Jira by accident, they can be moved back to ‘in progress’, and the platform will be updated.
When a ticked is closed or reopened in Jira, a comment is added to the platform’s respective vulnerability, so you are able to track for auditing and remediation purposes. For example, the comment will refer to the issue being set as remediated via Jira.