SUPPORT

Contact Support

OPEN A TICKET

Integrating Netsparker Standard with Bugzilla

Bugzilla is an open-source, web-based bug tracking and testing tool. Its purpose is to help developers manage defects in software development. Developers can use it to keep track of outstanding bugs, problems, issues, enhancements, and other product change requests.

This topic explains how to configure Netsparker Standard to send a detected vulnerability to Bugzilla.

For further information, see Configuring the User Interface for Custom Send To Actions in Netsparker Standard and Configuring Auto Send To Actions in Netsparker Standard and What Systems Does Netsparker Integrate With?.

Bugzilla Fields

This table lists and explains the Bugzilla fields in the Send to Actions tab.

Button/Section/Field

Description

Add

Select to add an integration.

Delete

Select to delete the integration and clear all fields.

Configure Send To

Select to configure the integration using the Settings Wizard instead of doing it manually.

Create Sample Issue

Once all relevant fields have been configured, click to create a sample issue.

Action

This section contains general fields about the Send to Action.

Display Name

This is the name of the configuration that will be shown in menus.

Mandatory

This section contains fields that must be completed.

URL

This is the Bugzilla instance URL.

API Key

This is the API Access Key for authentication.

Product

This is the product name.

Component

This is the name of a component.

Version

This is the product version in which the issue was found.

Platform

This is the type of hardware in which the bug was experienced.

Operating System

This is the operating system in which the bug was discovered.

Vulnerability

This section contains fields with vulnerability details.

Body Template

This is the template file that is used to create description fields.

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains the optional fields.

Status

This is the status from which this bug starts.

Priority

This is the priority of the bug.

Assigned To

This is the user name to whom to assign issues.

Severity

This is the severity of the bug.

Milestone

This is a valid target milestone for the product.

Due Days

This is the number of days between the date the issue was created to the date it’s due.

Custom Fields

These are the custom fields that are defined for the project.

Select the ellipsis () to open the Custom Fields Editor dialog.

In the Edit Custom Field Value field, enter the value.

Select OK.

How to Integrate Netsparker Standard with Bugzilla

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, select Options Send To Actions
  3. From the Add drop-down, select Bugzilla
  4. In the Mandatory section, complete the connection details:
    • URL
    • API Key
    • Product
    • Component
    • Version
    • Platform
    • Operating System
  1. In the Vulnerability section, you can specify the Body Template and Title Format.
Body templates are stored in %userprofile%\Documents\Netsparker\Resources\Send To Templates. If you use your own custom templates, store them in this location.
  1. In the Optional section you can specify:
    • Status
    • Priority
    • Assigned To
    • Severity
    • Milestone
    • Due Days
    • Custom Fields
  2. Select Create Sample Issue to confirm that Netsparker Standard can connect to the configured system. In the Send To Action Test dialog, select the Issue number link to open the issue in Bugzilla in the default browser.
  3. Select Apply or OK to save the integration.
To learn more about field values in Bugzilla, see Field Values .
Looking for API Keys in Bugzilla? See User Preference in Bugzilla. For further information about the connection details, check your administrator page in Bugzilla.

How to Delete the Bugzilla Integration

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, select Options > Send to Actions.
  3. Select Bugzilla.
  4. Select Delete.

How to Export Reported Vulnerabilities to Projects in Bugzilla

Please ensure that you have first configured Bugzilla integration. See How to Integrate Netsparker Standard with Bugzilla.
  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results.
  3. In the Issues panel, right-click the vulnerability you want to export and select Send to Bugzilla. (Alternatively, from the ribbon, click the Vulnerability tab, then Send to Bugzilla.) A confirmation message and link are displayed at the bottom of the screen.
  4. Select the Bugzilla Send to Action is executed for the selected vulnerability link to view the newly-created issue in Bugzilla
Netsparker

Highly accurate, fast & easy-to-use Web Application Security Scanner

Get a demo