Complimentary 90-day, on-prem license available for entities involved in Covid19 response.
SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Integrating Netsparker Enterprise with Gitlab (Issue Tracking)

The GitLab issue tracker is an advanced tool for collaboratively developing ideas, solving problems and planning work. It can allow you, your team, and your collaborators to share and discuss proposals before, and during, their implementation. It can also be used for a variety of other purposes, customized to your needs and workflow.

This topic explains how to configure Netsparker Enterprise to send a detected vulnerability to Gitlab.

For further information, see What Systems Does Netsparker Integrate With?.

Gitlab Fields

This table lists and explains the Gitlab fields in the New Gitlab Integration window.

Button/Section/Field

Description

Name

This is the name of the configuration that will be shown elsewhere.

Mandatory

This section contains fields that must be completed.

Access Token

This is the personalized access token of the user.

Project ID

This is the project identifier of the issue.

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains optional fields.

On-Premise Base URL

The issue can be sent to on-premise with your base URL.

Assignee ID

This is the assignee identifier.

Milestone ID

This is the issue milestone id.

Weight

This is the value of the weight. It can be set from 0-9.

Due Days

This is the number of days from the date the issue was created to the date it's due.

Create Sample Issue

Once all relevant fields have been configured, click to create a sample issue.

How to Integrate Netsparker Enterprise with GitLab (Issue Tracking)

  1. Log in to Netsparker Enterprise.
  2. From the main menu, click Integrations then New Integration.

  1. From the Issue Tracking Systems section, click GitLab. The New GitLab Integration window is displayed.

  1. In the Name field, enter a name for the integration.
  2. In the Mandatory section, complete the connection details:
    • Access Token
    • Project ID
    • Title Format        
  3. Click Create Sample Issue to confirm that Netsparker Enterprise can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.

  1. In the confirmation message, click the Issue number link to open the issue in your default browser.
  2. If the GitLab integration is not configured correctly, Netsparker Enterprise will correctly route the following descriptive error messages to you. Sample error messages may be displayed as illustrated:
    • If the URL or Access Token was entered incorrectly

    • If the Project Id was entered incorrectly

How to Export Reported Vulnerabilities to Projects in Gitlab (Issue Tracking)

There are several ways to send issues to GitLab with Netsparker Enterprise:

  • Once notifications have been configured, you can configure Netsparker Enterprise to automatically send vulnerabilities after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
  • You can send one or more issues from the Issues window:
    • You must have Manage Issue permission.
    • From the main menu, select Issues, then All Issues. The Issues window is displayed.
    • Select one or more issues you want to send.
    • Click Send To, then GitLab.

    • A popup is displayed, with a link to the issue you have sent to GitLab. If there is an error, this information will be displayed instead.

  • You can send an issue from the Recent Scans window:
    • From the main menu, click Scans then Recent Scans.

    • Next to the relevant scan, click Report. The report is displayed.
    • Scroll down to the Technical Report section.
    • From the list of detected vulnerabilities, click to select an issue and display its details.

    • Click Send To, then GitLab.

    • If you have previously submitted this vulnerability to GitLab, it will already be accessible. You cannot submit the same issue twice.
  • If you view opened problem logs in GitLab, they look like this.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO