Integrating Invicti Enterprise with Jazz Team Server
Jazz Team Server – a part of IBM Application Lifecycle Management – is an issue-tracking system to maintain transparency and traceability across the entire development team.
This topic explains how to configure Invicti Enterprise to send a detected vulnerability to Jazz Team Server Server.
For further information, see What Systems Does Invicti Integrate With?.
Jazz Team Server Fields
This table lists and explains the Jazz Team Server fields in the New Jazz Team Server Integration page.
|Name||This is the name of the configuration that will be shown in menus.|
|Mandatory||This section contains fields that must be completed.|
|Server URL||This is the Jazz Team Server instance URL.|
|Username||This is the name of the user.|
|Password||This is the password of the user.|
|Project Area Id||This is the project identifier of the issue.
To identify the project area id, from the main menu, select Project Dashboards > Project Area. See the highlighted part in the URL for the project area id.
|Category Name||This is the category name.|
|Title Format||This is the string format that is used to create the vulnerability title.|
|Optional||This section contains optional fields.|
|Work Item Type||This is the type of work item (defect, task).|
|Work Item Severity||This is the severity of the work item (blocker, critical, etc. ).|
|Work Item Priority||This is the priority of the work item (high, medium, etc. ).|
|Template||This is the template file that is used to create description fields.|
|Due Days||This is the number of days between the date the issue was created to the date it’s due.|
|Tags||These are the work item tags, separated by a semicolon (;).|
How to Integrate Invicti Enterprise with Jazz Team Server
- Log in to Invicti Enterprise.
- From the main menu, select Integrations > New Integration.
- From the Issue Tracking Systems, select Jazz Team Server.
- In the Name field, enter a name for the integration.
- In the Mandatory section, complete the connection details:
- Server URL
- Project Area Id
- Category Name
- Title Format
- In the Optional section you can specify:
- Work Item Type
- Work Item Severity
- Work Item Priority
- Due Days
- Select Save.
You can select Create Sample Issue to confirm that Invicti Enterprise can connect to the configured system. The issue is created in the Jazz Team Server as the following way:
How to Export Reported Vulnerabilities to Projects in Jazz Team Server
There are several ways to send issues to Jazz Team Server with Invicti Enterprise:
- Once notifications have been configured, you can configure Invicti Enterprise to automatically send vulnerabilities after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
- You can send one or more issues from the Issues window:
- From the main menu, select Issues > All Issues.
- From the Issues window, select one or more issues you want to send.
- Select Send To, then Jazz Team Server.
A pop-up is displayed, with a link to the issue you have sent to Jazz Team Server. If there is an error, this information will be displayed instead.
- You can send an issue from the Recent Scans window:
- From the main menu, select Scans > Recent Scans.
- Next to the relevant scan, select Report.
- Scroll down to the Technical Report section.
- From the list of detected vulnerabilities, select an issue and display its details.
- Select Send To > Jazz Team Server.
If you have previously submitted this vulnerability to Jazz Team Server, it will already be accessible. You cannot submit the same issue twice.