Integrating Acunetix with JIRA using HTTP Basic Token

Integrating Acunetix with JIRA using HTTP Basic Token involves a four-step process:

  1. Prepare an API Token in JIRA for communication with Acunetix
  2. Configure Acunetix for integration
  3. Configure a Target to report issues to your issue tracker
  4. Submit vulnerabilities to JIRA

Prerequisites: Before integrating Acunetix with JIRA using HTTP Basic Token, ensure the following prerequisites are met:

  • You already have a JIRA account.
  • A project has been created in JIRA, typically containing the source code for the Target Web Application.
  • You have created custom issue labels unless you are using the default built-in labels. The example in this document assumes a custom issue label called Vulnerability.
  • An API Token has been created to secure the communication channel between Acunetix and JIRA for your Target's repository.
  • If using Acunetix Online, ensure that your JIRA system allows incoming API requests from online.acunetix.com or app.invicti.com (For EU-based customers: app-eu.invicti.com).

Step 1: Prepare an API Token in JIRA for communication with Acunetix

  1. From the Settings menu, select Atlassian account settings.

  1. In the Atlassian account menu on the sidebar, click Security.

  1. Within the Security page, click Create and manage API tokens.

  1. Click Create API token.

  1. On the Create an API token page, set the Label field to Acunetix Integration.

  1. Ensure you keep a copy of the Token, as it cannot be retrieved after you exit the page. Losing the Token will require creating a new one and repeating the process.

Step 2: Configure Acunetix for integration

  1. Select Issue Trackers from the Acunetix side menu.
  2. Click + Add Issue Tracker.

  1. Set the Name field to describe the integration. For this example, we have used JIRA Issues.

  1. In the Target Groups Access panel, select the Target Groups that will be assigned to the issue tracker. Note that only Targets inside an assigned Target Group can be integrated into this issue tracker.

  1. In the Issue Tracker Platform and Authentication panel:
  • Set the Platform dropdown to JIRA.
  • Set the Authentication field to HTTP Basic Token.
  • Set the URL field to the format https://<jira-site-name>.atlassian.net. For example, if your JIRA site is named acunetix-test, then the URL would be https://acunetix-test.atlassian.net/.
  • Enter your username or email.
  • Enter your JIRA API Token into the Token field.
  • Click Test Connection. You should receive a Connection is Successful message.

  1. The Project and Issue Type panel will update with your list of Projects and Issue Labels.
  2. Select the JIRA project you want the integration linked to. For example, use the pre-created internal-wiki project.
  3. Choose the JIRA Issue Type for Acunetix to create when a vulnerability is found. In this example, we have used the custom type Vulnerability.

  1. If the selected issue type has custom fields defined, add the custom fields and assign values.

  1. Click Save at the top of the Add New Issue Tracker page.

Step 3. Configure a Target to report issues to the issue tracker

  1. Select Targets from the Acunetix menu.
  2. From your list of Targets, select the one you want to work with.
  3. On the Target Settings page, scroll down and expand the Advanced section.
  4. Enable the Issue Tracker toggle.
  5. From the Issue Tracker dropdown, select the JIRA Integration configuration you intend to use.

  1. Click Save at the top of the Target Settings page.

Now that your Target is set up to link to JIRA, you need to scan your Target. When the scan is completed, you will be able to select the vulnerabilities to submit to your issue tracker.

Step 4: Submit vulnerabilities to JIRA

After completing a scan on your Target:

  1. Select Vulnerabilities in the Acunetix side menu.
  2. Adjust the filter to obtain a shortlist of the vulnerabilities you want to send to your issue tracker.
  3. Use the checkboxes next to the vulnerabilities to select the ones to send to the issue tracker.
  4. Click Send to Issue Tracker.

  1. Check your JIRA Issues page. Your JIRA Issues page will display the submitted issues.

 

« Back to the Acunetix Support Page