SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Integrating Netsparker Standard with Issue Tracking Systems

The Send To Actions feature in Netsparker Standard allows you to integrate the web application security scanner with your issue tracking system or source code management system, so that you can import identified vulnerabilities as issues. You can integrate Netsparker with the following systems:

  • Azure DevOps
  • Bitbucket
  • BugZilla
  • FogBugz (Manuscript)
  • Github
  • GitLab
  • JIRA
  • Kafka
  • Redmine
  • ServiceNow
  • TFS (Team Foundation Server)
  • Unfuddle
  • Zapier

This topic explains how to integrate with JIRA, but you can use the same procedure to integrate Netsparker Standard with the other systems listed, or create your own custom Send To actions to integrate Netsparker web security scanner with any other system.

For further information, see What Systems Does Netsparker Integrate With?

Configuring Netsparker Integration with JIRA

There are two steps to configuring Netsparker Integration with JIRA:

  1. Opening Netsparker Standard Options
  2. Specifying the Connection Settings

Connection Settings Fields

This table lists and explains the fields in the Sent to Actions dialog in How to Specify the Connection Settings.

Field

Description

URL

This is the URL of the JIRA setup.

Username or Email

This is the JIRA Username or Email.

API Token

This is the JIRA API Token.

Project Key

This is the JIRA Project Key.

Issue Type

This is the JIRA Issue Type.

Body Template

This is the JIRA Body Template. They are stored in %userprofile%\Documents\Netsparker\Resources\Send To Templates. To use your own custom templates, store them in this location.

Title Format

This is the JIRA Title Format.

Reporter Account ID

This is the account identifier of the person who scanned for, and detected, the issue.

Assigned Account ID

This is the account identifier of the person the Issue will be assigned to.

Priority

This is the Issue's priority, in JIRA.

Due Days

This is the value required to calculate Issue's Due Date.

Labels

This is the Issue's labels, in JIRA. (e.g., Label1,Label2)

How to Open Netsparker Standard Options

  1. From the Home tab, click Options. The Options dialog is displayed.

  1. Click Send to Actions. The Send To Actions panel is displayed.

  1. Click the Add dropdown, and select the system you would like to integrate with Netsparker Standard. In this example, we’ll select JIRA.

How to Specify the Connection Settings

  1. Following on from the previous procedure, the Send to Actions panel, with Jira selected, looks like this.

  1. In the  Mandatory panel, enter the following credentials:
    • URL
    • Username or Email
    • API Token
    • Project Key
    • Issue Type
  2. In the Vulnerability panel, enter the following details:
    • Body Template
    • Title Format
  3. In the Optional settings panel, enter the following details:
    • Reporter Account ID
    • Assigned Account ID
    • Priority
    • Custom Fields
    • Due Days
    • Labels
  4. Click Save.
  5. Click Create Sample Issue to confirm that Netsparker Standard can connect to the configured system. This is screenshot shows a connection test confirmation with JIRA.

Importing Reported Vulnerabilities to Projects on JIRA

When the integration is configured, an identified vulnerability can be imported to JIRA.

How to Import Reported Vulnerabilities to Projects on JIRA

  1. In the View tab, click Issues.
  2. For the reported vulnerability you want to import, right click on it and select Send to JIRA.

Alternatively, in the Vulnerability tab, click Send to JIRA.

  1. You will be informed that the action was successfully executed. Below is a screenshot of the SQL Injection that was automatically imported to JIRA.

Integrating Netsparker with Other Systems

Take advantage of this easy to setup integration and integrate Netsparker web application security scanner with your issue tracking and code management systems. Also, if you use another system that is not listed above, or you would like to do any other sort of integration remember that you can create a custom send to action.

For further information, see What Systems Does Netsparker Integrate With?.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO