Integrating Acunetix 360 with Bugzilla
Bugzilla is an open-source, web-based bug tracking and testing tool. Its purpose is to help developers manage defects in software development. Developers can use it to keep track of outstanding bugs, problems, issues, enhancements and other product change requests.
This topic explains how to configure Acunetix 360 to send a detected vulnerability to Bugzilla.
This table lists and explains the Bugzilla fields in the New Bugzilla Integration window.
This is the name of the configuration that will be shown elsewhere.
This section contains fields that must be completed.
This is the Bugzilla instance URL.
This is the API Access Key for authentication.
This is the product name.
This is the name of a component.
This is the product version in which the issue was found.
This is the type of hardware in which the bug was experienced.
This is the operating system in which the bug was discovered.
This is the string format that is used to create the vulnerability title.
This section contains optional fields.
This is the status from which this bug starts.
This is the priority of the bug.
This is the user to whom the issue is assigned.
This is the severity of the bug.
This is a valid target milestone for the product.
This is the number of days from the date the issue was created to the day it's due.
This section contains user-defined custom fields.
New Custom Field
Click to create a new custom field.
Enter a name for the new custom field.
Enter a value for the new custom field identifier.
Click the dropdown to change the input type. The options are:
Create Sample Issue
Once all relevant fields have been configured, click to create a sample issue.
How to Integrate Acunetix 360 with Bugzilla
- Log in to Acunetix 360.
- From the main menu, click Integrations then New Integration.
- From the Issue Tracking Systems section, click Bugzilla. The New Bugzilla Integration window is displayed.
- In the Mandatory section, complete the connection details:
- Name (The name must be unique)
- API Key
- Operating System
- Title Format
- Open Bugzilla.
- From the main menu, click Preferences, then API Keys. The existing API Key is displayed.
- Copy the API key value from Bugzilla and paste it into the API Key field in Acunetix 360.
- In Bugzilla, click Administration to view the remaining connection details. Copy and paste them from Bugzilla to the relevant fields in the Mandatory section in Acunetix 360.
- In the Optional section, you can complete the following fields:
- Assigned To
- Due Days
- Custom Fields
- If required, click New Custom Field. A Name and Value field is displayed.
- In the Name field, enter a name for the value containing the new custom field identifier.
- In the Value field, enter a value for the new custom field identifier. Click Create Sample Issue to confirm that Acunetix 360 can connect to the configured system and create a sample issue. A confirmation message is displayed to confirm that the sample issue has been successfully created.
- In the confirmation message, click the Issue number link to open the issue in your default browser.
- If the Bugzilla integration is not configured correctly, Acunetix 360 will correctly route the following descriptive error messages to you. Sample error messages may be displayed as illustrated:
- If the URL or API Key was entered incorrectly
- If the Component name was entered incorrectly
- If the Priority was entered incorrectly
How to Export Reported Vulnerabilities to Projects in Bugzilla
There are several ways to send issues to Bugzilla with Acunetix 360:
- Once notifications have been configured, you can configure Acunetix 360 to automatically send vulnerabilities to Bugzilla after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
- You can send one or more issues from the Issues window:
- You must have Manage Issue permission.
- From the main menu, select Issues, then All Issues. The Issues window is displayed.
- Select one or more issues you want to send.
- Click Send To, then Bugzilla.
- A popup is displayed, with a link to the issue you have sent to Bugzilla. If there is an error, this information will be displayed instead.
- You can also send an issue from the Recent Scans window:
- From the main menu, click Scans, the Recent Scans.
- Next to the relevant scan, click Report. The report is displayed.
- Scrolls down to the Technical Report section.
- From the list of detected vulnerabilities, click to select an issue and display its details.
- Click Send To, then Bugzilla.
- If you have previously submitted this vulnerability to Bugzilla, it will already be accessible. You cannot submit the same issue twice.
- If you view opened problem logs in Bugzilla, they look like this.