Integrating Netsparker Enterprise with an issue tracking system means that you can have vulnerabilities identified during a web application security scan automatically created as issues in your issue tracking system.
This type of integration in Netsparker Enterprise is called Endpoint Integration. Currently, Netsparker supports out of the box integration for TFS, JIRA, Github and FogBugz (Manuscript). Integrations, regardless of the issue tracking system used, are configured in Netsparker Enterprise.
Alternatively, you send issues manually to an issue tracking system (see Sending Vulnerabilities Manually to an Issue Tracking System).
Configuring Endpoint Integration
In this example, for the purposes of illustration, we will use two websites and two different JIRA projects, to illustrate how you can configure multiple integrations.
Introduction to Test Setup
- The first website is a PHP website, for which we have a Kanban Project on JIRA. For this website, we will configure the integration in such a way that all vulnerabilities of Medium or higher severity are automatically recreated in JIRA.
- The second website is an ASP website, for which we have a Scrum Project on JIRA. For this website, we will configure the integration in such a way that all vulnerabilities of Important or higher severity are automatically recreated in JIRA.
How to Integrate Netsparker Enterprise with an Issue Tracking System
- From the main menu, click Integrations, then New Integration. The Issue Tracking Systems section is displayed.
- In this example, we are integrating Netsparker Enterprise into JIRA. Click Integrate JIRA. The New Integration window is displayed.
- Complete the following project details: Name, URL, Username or Email, Password and the remainder of the project details. Hover the mouse over the tooltip icon to view additional details for each one.
- Click Save.
- Alternatively, you can also test the integration with a sample issue by clicking Create Sample Issue. If the issue is recreated successfully, a green success notification will be displayed together with a clickable issue number, at the top of the window (in this example, 'KP-34').
- Click the issue number in the green success notification to open the issue in a new browser tab in your issue tracking system. (The screenshot shows a sample JIRA issue.)
- To add additional projects (such as an ASP project) repeat the instructions.