Is there an ability to push issues (not originally on defectdojo) from jira into DefectDojo? #11684
-
|
Hi All, So I do know that the inverse of this is true, in that issues can be pushed from DefectDojo into Jira, and then there is a two way sync in place for that particular issue, however I have a potential use case where I may need the opposite to work as well. So I have tools integrated with jira, and certain tools integrated with defectDojo. I also want the findings from the tools integrated on jira, to push defects to defect dojo, so that DefectDojo, although not directly integrated with those tools, is still a centralised source of truth. An example of what this data flow would look like for a specific issue is: 'Tool ---> Jira ----> DefectDojo' & then if the issue is closed on DefectDojo it would then feedback to the original tool: 'Tool <--- Jira <---- DefectDojo' Is this possible to set up with the opensource version of defect dojo? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
Currently there is no built-in feature to import / push findings from JIRA neither in OS nor Pro. |
Beta Was this translation helpful? Give feedback.
Currently there is no built-in feature to import / push findings from JIRA neither in OS nor Pro.
It would be possible to do something like
JIRA -> script > DefectDojoto retrieve issues from JIRA and push them to Defect Dojo using the REST API. I am wondering how useful this will be as you may be missing certain information like the type of finding, the cwe, the vulnerability id, the unique_id_from_tool, file_path, etc. Are the findings in JIRA manually created or do they originate from another tool/scanner that could be imported into Defect Dojo first before pushing to JIRA?