You can connect your Jira project board to a Bright scan, for tickets to be automatically opened for each security vulnerability(issue) detected. Each ticket contains the following information:
  • Issue severity level
  • Details of discovery
  • Possible exposure
  • Remediation suggestions

For each new scan, you can select different Jira projects integrated with your Bright projects.

🚧

Warning

If your Jira project sets any required fields for all tickets (for example, components), then Bright will not be able to open tickets for detected issues. Please check your project settings and change them if necessary.

Prerequisites

  • The Bright connection to the On-Premise Jira is enabled via the Bright CLI. For that, you need to have the Bright CLI installed on your machine. See the installation instructions here.

Step-by-step guide

Connecting Bright to your Jira account, cloud or on-premise

  1. Go to the Bright app.
  2. In the left pane, select Organization.
  3. On the Organization page, scroll down to the TICKET MANAGEMENT INTEGRATION section.
19011901
  1. Click next to Jira, and then select Settings.
  1. In the Jira integration config dialog box, do one of the following:
  • If you are using the Atlassian Jira Cloud, select the Cloud Jira radio button. Enter your Jira details and API token in the relevant fields, and then click Save.

🚧

Important

For security purposes, make sure to use the API token of a specific Jira profile (not the Admin/Organization level).

The Bright connection to Jira is enabled, which is indicated in the Enabled column. The Connectivity column is designed to indicate a local Jira Server connection status, which is irrelevant in this case.

  • If you are using Jira on a local server, do the following:
    a) Select the On-Premise Jira radio button.
    b) In the Access Key field, copy an automatically generated INTEGRATION_ACCESS_KEY. You will need it to run the CLI command that enables connection to your On-Premise Jira account.
    c) Open your console and run the following CLI command:
nexploit-cli integration --access-key $INTEGRATION_ACCESS_KEY --base-url https://your-cluster.atlassian.net --user $USERNAME --password $PASSWORD --token $API_TOKEN

πŸ“˜

Notes

  • Sample variables are marked with a $. You must substitute them for your real values.
  • If your Jira username or password includes any special characters (for example, "pa$$word"), enclose the entire username or password in single quotes.

This is the basic configuration of the command that connects Bright to an On-Premises Jira account. For more information about the command and its options, see Integrating with an On-Premise Ticketing Service.

Once you connect Bright to the On-Premise Jira via the Bright CLI, the Connectivity status in the TICKET MANAGEMENT INTEGRATION section changes to Connected. The Enabled column indicates the Cloud Jira connection status, which is irrelevant in this case.

Configuring Jira integration with Bright projects

After you have connected Bright to your Cloud or On-Premise Jira, you need to integrate one or multiple Jira projects with the Bright project to be used for a scan. The integration allows Bright to automatically open tickets with the detected issue details on the associated Jira boards. Moreover, you can set a certain severity level for issue tickets to be opened.

To integrate a specific Bright project with your Jira project(s), follow these steps.


What’s Next