Atlassian Bamboo & JIRA Plugins Help Teams Build Fast and Secure

Atlassian Bamboo & JIRA Plugins Help Teams Build Fast and Secure

Building Tools to Enable Software Development Teams

Atlassian is one of the most impressive success stories in the DevOps landscape today. With tools such as Bamboo CI to help developers manage continuous delivery pipelines and JIRA to automate developer workflow processes, Atlassian plays an integral role within development and DevOps teams. 

 Truly, it’s hard to think of many teams that have adopted agile development and DevOps who aren’t using an Atlassian solution. Likewise, Black Duck has long been focused on enabling software development teams to gain automated visibility, intelligence, and control for their use of open source. Working with Atlassian is an obvious choice, and we are excited to announce our newest plugins: the Black Duck Hub Plugin for JIRA and the Black Duck Hub Plugin for Bamboo.

The Importance of Integration in Open Source Vulnerability Management

As software development teams continue to adopt and utilize open source to build applications faster and smarter, the risk of using components with security vulnerabilities and license compliance risks grows. Manually tracking the thousands of new security vulnerabilities and navigating complex license obligations is far too cumbersome for most organizations, and no one team should be expected to have all the responsibility for such an important task.

Black Duck Hub can automatically scan, identify, and track open source components, vulnerabilities and license obligations in your applications and containers. Security management is essential at all stages of the continuous delivery pipeline, and to address that need, Black Duck has been building integrations with the tools that software development teams use throughout the application development lifecycle.

Vulnerability Management Made Easy with Hub Plugins for JIRA and Bamboo

The newest of these integrations are plugins for Atlassian’s popular JIRA and Bamboo tools. With the Hub integration for Bamboo, software teams can now easily integrate open source vulnerability management with their Bamboo CI build and test automation environment. Users can automate Black Duck Hub scans with Bamboo, view the results within the Bamboo interface (allowing developers to view risk reports without switching tools), and automate build actions based on open source policies defined in Hub. The integration with JIRA helps teams automate developer workflows for managing open source risks. Hub generates JIRA tickets automatically based on policy violations or newly identified vulnerabilities, updating tickets based on remediation actions. With these integrations, teams can manage open source security, compliance, and quality risks in their applications and containers, while maintaining development speed, agility, and productivity.

 Screenshot: Automatically report and track violations in JIRA Screenshot: Implement open source policies with Bamboo 

Black Duck is committed to bringing security management into the continuous delivery pipeline in a way that is automated, easy, agile, and convenient for development and DevOps teams, and we’re excited to be working with solution providers like Atlassian to create new solutions for developers. Check out the Black Duck Hub Plugins for Bamboo and JIRA on the Atlassian Marketplace, and stay tuned for more integration announcements soon.

Watch a 3 Minute Demo of the Black Duck Hub


Sorry we missed you! We close comments for older posts, but we still want to hear from you. Tweet @black_duck_sw to continue the discussion.


New Audit Report Shows Open Source Management Gaps Remain a Problem

| Apr 19, 2017

Taking a look at the findings in the 2017 Open Source Security and Risk Analysis Report  Black Duck is a company that thrives off data. In fact, it's essential to our business. I'm constantly impressed by the amount of data that we collect and the level to which our employees embrace the

| MORE >

Microsoft Visual Studio Extension Helps Developers Stay Agile & Secure

| Mar 7, 2017

There’s no question that Microsoft believes in the power of Open Source to help developers create better applications. Last year, GitHub reported that Microsoft had more contributors to open source projects than Facebook, Docker, or Google. Clearly, the wall between Microsoft development and open

| MORE >