Jira integration in the Scanner tool
I would love to see an integration with Jira bugtracking. This way the scanned vulnerabilities can be quickly documented and sent for mitigation. The creation of the issue would preferably include the description and mitigation from the scanner and the full request and response. A screenshot of the rendered webpage would also be a nice as an attachment.
Thanks for this request. Agreed, JIRA integration would be an excellent feature. We’ll look into providing this functionality.
Assuming workflow similar to: Complete scan -> View Reported Issues -> Select Issue -> Create JIRA ticket?
Probably should include, at least:
- Options in BS for customising the JIRA issue template; incl. populating Fields (e.g. Labels) and Custom fields (e.g. Test Environment).
- Ability for BS to assign Priority (configurable).
- Ability upload a useful set of attachments to a JIRA ticket (e.g. extracts from requests / responses).
... so he doesn't want huge cleverness. I presume duplication may be an issue, e.g. identifying if a bug has already been reported, although that may be best handled by marking as duplicates in JIRA if they are spotted after the event.
Thanks for these ideas. We’ve seen some other products’ JIRA integration that works in this fairly lightweight way, and we’ll look into implementing this.
It hasn’t been so far. It will probably be a feature of the Burp Enterprise product now.
George, this is currently in our Enterprise roadmap. Unfortunately, we can’t provide an ETA.
This feature is now available, but only with Burp Enterprise.