SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Integrating Netsparker Standard with Redmine

Redmine is an issue tracking system that is part of a larger, flexible project management web application. It is free and open source, cross-platform and cross-database. Redmine is written using the Ruby on Rails framework.

This topic explains how to configure Netsparker Standard to send a detected vulnerability to Redmine (including using the wizard).

For further information, see Configuring the User Interface for Custom Send To Actions in Netsparker Standard and Configuring Auto Send To Actions in Netsparker Standard and What Systems Does Netsparker Integrate With?.

Redmine Fields

This table lists and explains the Redmine fields in the Send to Actions tab.

Button/Section/Field

Description

Add

Click to add an integration.

Delete

Click to delete the integration and clear all fields.

Create Sample Issue

Once all relevant fields have been configured, click to create a sample issue.

Action

This section contains general fields about the Send to Action.

Display Name

This is the name of the configuration that will be shown in menus.

Mandatory

This section contains fields that must be completed.

URL

This is the Redmine instance URL.

API Access Key

This is the API Access Key for authentication.

Project ID

This is the project identifier of the issue.

Priority ID

This is the priority identifier.

Vulnerability

This section contains fields with vulnerability details.

Body Template

This is the template file that is used to create description fields.

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains optional fields.

Tracker ID

This is the tracker identifier.

Status ID

This is the status identifier.

Category ID

This is the category identifier.

Assignee ID

This is the assignee identifier.

Due Days

This is the number of days between the date the issue was created to the date it's due.

Is Private

This indicates whether the issue is accessible only to the assignee.

Custom Fields

These are the custom fields that are defined for the project.

Click the ellipsis () to open the Custom Fields Editor dialog.

In the Edit Custom Field Value field, enter the value and click OK.

How to Integrate Netsparker Standard with Redmine

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Send To Actions.

  1. From the Add dropdown, select Redmine. The Redmine fields are displayed.

  1. In the Mandatory section, complete the connection details:
    • URL
    • API Access Key
    • Project
    • Priority ID
  2. In the Vulnerability section, you can change the default Body Template and Title Format.
Body templates are stored in %userprofile%\Documents\Netsparker\Resources\Send To Templates. If you use your own custom templates, store them in this location.
  1. In the Optional section you can specify:
    • Tracker ID
    • Status ID
    • Category ID
    • Assignee ID
    • Due Days
    • Is Private
    • Custom Fields
  2. To set custom field values, in the Custom Fields field, click the ellipsis button.
  3. In the Edit Custom Field Value field, enter the relevant value.

  1. Click OK.
  2. Click Create Sample Issue to confirm that Netsparker Standard can connect to the configured system. The Send To Action Test confirmation dialog is displayed.

  1. In the Send To Action Test dialog, click the Issue number link to open the issue in Redmine in the default browser.

How to Integrate Netsparker Standard with Redmine Using the Wizard

Instead of configuring the settings manually, the configuration wizard can help you with the settings.
  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Send To Actions.                                        
  4. From the Add dropdown, select Redmine. The Redmine fields are displayed.

  1. Click Configure Send To to launch the wizard. The Send To Configuration dialog is displayed.

  1. Click Next. The Authentication step is displayed.

   

  1. Complete the URL and API Access Key fields, and click Test Credentials.
  2. When the confirmation message, Your credentials are confirmed, is displayed, click Next. The Project step is displayed.

  1. Select a project, and click Next. The Priority step is displayed.

   

  1. Select a priority, and click Next. The Tracker step is displayed.

  1. If required, select a tracker, and click Next. The Status step is displayed.

  1. If required, select a status, and click Next. The Category step is displayed.

  1. If required, select a category, and click Next. The Assignee step is displayed.

  1. If required, select an assignee, and click Next. The Optional Fields step is displayed.

  1. If required, complete the Due Days and Is Private fields, and click Next. The Summary step is displayed.

  1. Review your settings, and click Finish. The Settings are applied automatically. You are returned to the Send To Actions fields.

To set custom field values, in the Custom Fields field, click the ellipsis button.

  1. In the Edit Custom Field Value field, enter the relevant value.

  1. Click OK.
  2. Click Create Sample Issue to confirm that Netsparker Standard can connect to the configured system. A Send To Action Test confirmation dialog is displayed.

  1. In the Send To Action Test dialog, click the Issue number link to open the issue in the default browser.

How to Export Reported Vulnerabilities to Projects in Redmine

Please ensure that you have first configured Redmine integration (see How to Integrate Netsparker Standard with Redmine).
  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Doubleclick the relevant scan to display its results.

  1. In the Issues panel, right click the vulnerability you want to export and select Send to Redmine. (Alternatively, from the ribbon, click the Vulnerability tab, then Send To Redmine.) A confirmation message and link is displayed at the bottom of the screen.

  1. Click the Redmine Send To Action is executed for the selected vulnerability. link to view the newly-created issue in Redmine.
  2. The vulnerability is automatically exported to Redmine. You can view it in Redmine's Issues tab.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO