You can integrate your Acunetix Premium account with Azure DevOps Services. This integration lets you send all the vulnerabilities discovered using Acunetix to Azure DevOps, where you can manage them as issues. This article shows how to set up your Azure DevOps account and how to integrate with it in Acunetix Premium.

Part 1: Prepare your Azure DevOps Services Account for Integration

If you already have an Azure DevOps account, you may skip relevant sections in this part of the article.

Step 1: Set Up Your Azure DevOps Services Account

  1. Open the Azure DevOps homepage and sign in to your Microsoft account
  2. Click on the Start free > buttonAcunetix Azure DevOps Integration
  3. Select your Country or Region and click on the Continue button – this will send you to the Projects pageAcunetix Azure DevOps Integration

Step 2: Create a New Work Item Type for Your Projects

  1. In the Organizations menu, make sure the organization you want to work with is highlighted and click on the Organization Settings menu itemAcunetix Azure DevOps Integration
  2. In the Organization Settings menu, click on the Boards > Process menu itemAcunetix Azure DevOps Integration
  3. On the All processes page, click on the inline menu button for the Basic (default) process, and click on the Create inherited process menu itemAcunetix Azure DevOps Integration
  4. In the Create inherited process panel:
    • Set the name of the process to Web Application Process
    • Set the Description of the process to Process for Web Application Security
    • Click on the Create process button; this will send you back to the All processes page showing (also) your newly-created process

    Acunetix Azure DevOps Integration

  5. Click on the newly-created Web Application Process item; this will take you to the list of work item types for your process, showing you the predefined default typesAcunetix Azure DevOps Integration
  6. Click on the New work item type buttonAcunetix Azure DevOps Integration
  7. In the Create new work item type panel:
    • Set the Name field to Vulnerability
    • Set the Description field to Identified by Acunetix
    • Click on the Create button

    Acunetix Azure DevOps Integration

Step 3: Create Your Azure DevOps Services Project

  1. In the Organizations menu, make sure the organization you want to work with is highlightedAcunetix Azure DevOps Integration
  2. In the Create a project panel:
    • Set the Project name for your Azure DevOps Services Project – for this example we used acunetix-test
    • Set the Description field for your Azure DevOps Services project – this is simply a descriptive field; for this example we used Internal Web Application Project
    • Set the Visibility to Private (unless you want this to be visible to the general public)
    • Click on the Advanced button to expand the panel
    • Set the Work item process to the process called Web Application Process (that you created earlier)
    • Click on the Create project button – this will take you to the Project Summary page

    Acunetix Azure DevOps Integration

Step 4: Create a Personal Access Token for Acunetix Integration Authentication

  1. In the User Settings menu, click on the Personal access tokens menu itemAcunetix Azure DevOps Integration
  2. On the Personal Access Tokens page, click on the New Token buttonAcunetix Azure DevOps Integration
  3. On the Create a new personal access token page:
    • Set the Name field to Acunetix Integration – this is only a friendly name to remind you of its use
    • Set the Organization field to All accessible organizations – you may select a narrower definition if you wish to do so
    • Set the Expiration field to 90 days – you may select a different expiry (up to one year)
    • Set the Scopes option to Full access
    • Click on the Create button

    Acunetix Azure DevOps Integration

Part 2: Configuring Acunetix for Integration

  1. In the Acunetix UI, click on Issue Trackers in the sidebar
  2. Click on the Add Issue Tracker button
  3. Set the Name field to describe the integration – for this example, we have used Azure DevOps Services IssuesAcunetix Azure DevOps Integration
  4. Select Azure DevOps Services from the dropdown labelled Platform
  5. Set the URL to the format https://dev.azure.com/<organization-name>; this example assumes that your Azure DevOps Service organization was named kacacunetix, therefore the URL will be https://dev.azure.com/kacacunetix
  6. Insert your Azure DevOps Services Personal Access Token into the Token field
  7. Click on Test Connection – you should receive a Connection is Successful message; also, the Project and Issue Type panel will be updated with your list of projects and issue labels
  8. Select the Azure DevOps Services project you want the integration to be linked to – in this example you would be using the pre-created acunetix-test projectAcunetix Azure DevOps Integration
  9. Select the Azure DevOps Services work item type you want Acunetix to create when a vulnerability is found – in this example you would be using the custom type Vulnerability
  10. Click on the Save button at the top of the Add Issue Tracker panel

Part 3: Configuring a Target to Report Issues to Your Issue Tracker

From your list of targets, select the target you wish to work with.

  1. In the Target Information panel, scroll to the bottom of the panel and expand the Advanced link
  2. Enable the Issue Tracker sliderAcunetix Azure DevOps Integration
  3. In the Issue Tracker dropdown, select the name of the Azure DevOps Services Integration configuration you wish to use
  4. At the top of the Target Information panel, click on the Save button

Now that your target is configured to link to Azure DevOps Services, you need to scan your target. When the scan is completed, you will be able to select the vulnerabilities to submit to your issue tracker.

Part 4: Submitting Vulnerabilities to Azure DevOps Services

Once you have completed a scan on your target:

  1. Select Vulnerabilities in the sidebar
  2. Adjust your filter to obtain a shortlist containing the vulnerabilities you wish to send to your issue trackerAcunetix Azure DevOps Integration
  3. Use the checkboxes next to vulnerabilities to select the vulnerabilities to send to the issue tracker
  4. Click on the Send to Issue Tracker button at the top of the Vulnerabilities panel

Check Your Azure DevOps Work Items Page

Your Azure DevOps Work Items page will show the issues you have submitted to the issue tracker.

Acunetix Azure DevOps Integration

SHARE THIS POST
THE AUTHOR
Kevin Attard Compagno
Technical Writer
Kevin Attard Compagno is a Technical Writer working for Acunetix. A technical writer, translator, and general IT buff for over 30 years, Kevin used to run Technical Support teams and create training documents and other material for in-house technical staff.