Atlassian Jira Data Center

jira-server

StackHawk’s official On-Premises Jira integration.

Overview

The StackHawk Jira Data Center integration lets you identify and track scan findings within your Atlassian Jira Data Center workspace. The integration requires a series of steps following the OAuth1.0a authentication method, to enable consistent and secure communications from StackHawk to your authorized Jira Data Center instance.

This integration specifically supports on-prem Jira offerings, including Jira Data Center. StackHawk also provides a Jira Cloud integration, for use with instances of Jira Cloud software.

Features

  • HawkScan findings can send and associate scanner findings to a Jira Data Center Workspace as new or existing Jira Issue.

Requirements

StackHawk:

  • You must have a StackHawk account.

  • Your StackHawk Organization must belong to a plan with The Jira Data Center Integration enabled. Reach out to support@stackhawk.com to enable it.

  • Must NOT have Jira Cloud integration installed. Only one instance of Project Management Integration is currently allowed.

Jira Data Center:

  • You must have admin login permissions to the Jira Data Center workspace you wish to add the integration to.

  • You must have sufficient administration permissions to install add-ons to your Jira Data Center workspace.

  • Your Jira Data Center Project must have a defined “Bug” issue type, which is not present for all Jira Data Center Project workspaces by default. See Adding the bug issue type to your Jira project for more details.

Scopes

With this integration you authorize StackHawk with the following Jira scopes:

  • Read access to the connected Jira Data Center workspace
  • Write access to the connected Jira Data Center workspace

Setup

  1. Log into StackHawk and visit the Jira Data Center Integration page in StackHawk
  2. Click Enable Jira. This will open a modal with steps for creating the Jira Data Center application link. Follow along in your Jira Workspace.

    Application links cannot be reused, and the public key provided cannot be updated after it is created. Make sure to create a new application link if starting again.

  3. Create New Application Link - This will present three fields Consumer Key, Consumer Name and a generated Public Key which you will copy into the form inputs while running through the Application Link Setup. Once the application link is created in your workspace, you will then specify Your Jira Application Link URL, which is your Jira System Base URL. Click next to continue, if the application link was created, StackHawk will be able to securely communicate with the jira-server instance and create an authorize url to verify your application link.

  4. Generate Verification Token - Clicking the Next button will generate authorization url. Click on the link to allow StackHawk to communicate to the Jira workspace through the application link. Once approved, copy the provided token and paste it in Jira Verification Token field. Click next to continue, this will then create the integration.

  5. Project Selection - You will be prompted to select a default project. Project selection will inspect whether the selected Jira project is configured correctly. It will check the project has a Bug issue type defined with Description, Summary and Environment fields. You must select a project that has these settings defined to continue.
  6. Finalize Connection - If successful, your Jira Data Center workspace will now be connected to your StackHawk organization, and the integration setup is completed.

Follow these steps to setup your application link in your Jira workspace.

  1. Log into your Jira Data Center workspace.
  2. Go to Applications > Application Links.
  3. Provide the URL of the application you want to link to and click Create new link.

  4. In the next step you will copy Consumer Key, Consumer Name and Public Key that were generated in StackHawk (see the image above).

Verify Installation

You can verify the Jira Data Center installation at any time after configuring a integration token.

  1. Go to the Jira Data Center page in StackHawk.
  2. You should see a Connected to: <your workspace URL>, which indicates the integration has been linked to that Jira Data Center Workspace.

Usage

Send Jira Data Center

With the Jira Data Center Application installation verified, you can send a finding to Jira Data Center by creating a Jira Issue and associating it with a StackHawk scanner finding.

  1. Go to a finding detail in StackHawk Scans > Scan Details > Findings
  2. Click on the checkbox for a given Path, Status, Method
  3. Click on Actions > Send to Jira
  4. Fill out the Jira Data Center ticket details. Findings can be promoted with either a new Jira issue, or linked to an existing Jira issue.

Creating a New Issue: Select the project you want the created ticket to be associated with. The created issue will be made with the Bug issue type. The created issue will have details about those findings. Click Create Issue, and the Jira issue will be created and associated with the scan findings.

Linking an Existing Issue: Select the issue from the query search you want associated with your Jira ticket. The linked issue will receive a comment with the details of the vulnerability findings. Click Link Issue, and the Jira Issue will be created and associated with the scan findings.

Other actions

Similar to sending to Jira Data Center, you can clear the status of a finding or change it to another status by selecting the Path, Status, and Method and selecting a different action.

TroubleShooting

Adding the Bug Issue Type to your Jira Project

A Jira Data Center project has defined issue types. Jira Classic Software Projects will have the Bug issue type defined by default, however Jira Next-Gen Software Projects and Jira Core Projects will not include this issue type by default. To send created issues to these projects, you will have to add a Bug issue type:

  1. In your Jira Data Center project workspace, go to Settings > Issues
  2. Click Issue types > Add issue type
  3. Add a standard Issue Type named Bug, and make sure it has “Summary”, “Description” and “Environment” description fields assigned.
  4. Click Add

The created Bug issue type will be used for Jira Issues created from the StackHawk platform for that project.

Custom Fields on Jira Issue Types

It is not uncommon for a Jira project to have custom fields on their issuetypes. This is a feature provided by Atlassian, but can affect StackHawk ticket creation. If your project’s Bug IssueType has additional custom fields, make sure they also have an acceptable default value defined:

Removing the Jira Data Center

The Jira Data Center integration can be disconnected from the authorized StackHawk organization from the Jira Data Center Integration page.

  1. Go to the Jira Data Center Integration page in StackHawk.
  2. Click Disconnect
  3. In Jira Data Center, go to Applications > Application Links
  4. Click ... and Delete

Feedback

Have any suggestions, feature requests, or feedback to share? Drop us a line at support@stackhawk.com