Can you automate ticket creation for security vulnerabilities and policy violations that are (unintentionally) shipping out with your code?
Atlassian’s JIRA platform is close to an industry standard in bug tracking and ticketing. Whether you are agile, use waterfall or develop on an ad-hoc basis, you've almost definitely used JIRA somewhere along the way and would appreciate the intelligence that JIRA packages in this awesome tool.
The Black Duck Hub now integrates with JIRA to add another layer of intelligence to this already smart tracking system with information around security vulnerabilities and custom defined policy violations.
The Black Duck Hub integration with Atlassian’s JIRA brings the best in breed open source security management within the realm of your JIRA instance. Developers can now be automatically informed of security vulnerabilities and/or policy violations sneaking into your production code. The Black Duck Hub discovers security kinks in your open source, and via the JIRA plugin, reengages with engineering to work on remediation. The workflow is simple and follows the following steps:
Login into your Black Duck Hub and define policies using the Policy Management module
Login to your JIRA instance, download & install the Black Duck Hub plugin for JIRA
Map Hub projects to JIRA projects and select the check box for policies for which automatic tickets need to be created
Provide Black Duck Hub component data for issue type ‘Security’ or ‘Policy Violation’
Automatic closure of pre-created JIRA tickets on issue resolution or override
The JIRA plugin ensures development teams are pulled in and presented with information at the right time without compromising on the agility and velocity of the release process.