Support
Issue Tracking Systems

Integrating Invicti Enterprise with Bitbucket

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

Bitbucket is a web-based hosting service for code management. It provides development teams with a place to plan projects, collaborate on code, test, and deploy. When you add a repository to Bitbucket Cloud, the issue tracker helps you track your project’s feature requests, bug reports, and other project management tasks.

This topic explains how to configure Invicti Enterprise to send a detected vulnerability to Bitbucket.

For further information, see What Systems Does Invicti Integrate With?.

Bitbucket Fields

This table lists and explains the Bitbucket Fields in the New Bitbucket Integration window.

Button/Section/Field

Description

Name

This is the name of the configuration that will be shown elsewhere.

Mandatory

This section contains fields that must be completed.

Repository

This is the repository name that includes the issue. Make sure to enter a URL-friendly version of a repository name that you can find in the address bar.

Username

This is the name of the user.

Password

This is the password of the user.

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains optional fields.

Workspace

This is the workspace name that includes the issue. Make sure to enter a URL-friendly version of a workspace name or its UUID.

Kind

This is the type of the issue. The options are:

  • bug
  • enhancement
  • proposal
  • task

Priority

This is the priority of the bug. The options are:

  • trivial
  • minor
  • major
  • critical
  • blocker

How to Integrate Invicti Enterprise with Bitbucket

  1. Log in to Invicti Enterprise.
  2. From the main menu, go to Integrations New Integration.
  1. From the Issue Tracking Systems section, select Bitbucket.
Bitbucket
  1. In the Name field, enter a name for the integration.
  2. In the Mandatory section, complete the connection details:
    • Repository
    • Username
    • Password
    • Title Format
  3. Select Create Sample Issue to confirm that Invicti Enterprise can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.
  • In the confirmation message, select the Issue number link to open the issue in your default browser.
  1. Select Save to save the integration.

How to Edit the Bitbucket Integration

  1. Log in to Invicti Enterprise.
  2. Go to Integrations > Manage Integration.
  3. Next to Bitbucket, select Edit.
  4. Make the necessary changes and select Save.

How to Delete the Bitbucket Integration

  1. Log in to Invicti Enterprise.
  2. Go to Integrations > Manage Integration.
  3. Next to Bitbucket, select Delete.
  4. On the confirmation dialog, select Delete.

How to Export Reported Vulnerabilities to Projects in Bitbucket

There are several ways to send issues to Bitbucket with Invicti Enterprise:

  • Once notifications have been configured, you can configure Invicti Enterprise to automatically send vulnerabilities to Bitbucket after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
  • You can send one or more issues from the Issues window:
    • From the main menu, select Issues All Issues
    • From the Issues window, select one or more issues you want to send.
    • Select Send To > Bitbucket.

A pop-up is displayed with a link to the issue you have sent to Bitbucket. If there is an error, the relevant error information will be displayed instead.

  • You can also send an issue from the Recent Scans window:
    • From the main menu, select Scans Recent Scans.
  • Next to the relevant scan, select Report
  • Scrolls down to the Technical Report section.
  • From the list of detected vulnerabilities, select an issue and display its details.
  • Select Send To > Bitbucket

If you have previously submitted this vulnerability to Bitbucket, it will already be accessible. You cannot submit the same issue twice.