🔌 Plug into Jira: Seamlessly shift-left with Security in Jira

This week on our Plug into Jira series, we’re introducing new security capabilities in Jira Software Cloud, designed to help organizations better prioritize security by ensuring software teams have visibility into the security issues that need to be addressed. Along with our partners Snyk, Mend, Lacework, Stackhawk, and JFrog, we’re excited to empower teams to address security issues more effectively and earlier.

The expanding scope of DevSecOps

Companies big and small have been in the news for security issues recently. This has put security top of mind for organizations and fueled the adoption of DevSecOps – a practice that builds security into every aspect of software development. 

But securing software is not easy. As new technologies become part of the development process, each presents a new opportunity for attack. It is now virtually impossible for teams to consider every angle of security when building software, leaving organizations to manage the inevitable reality of vulnerabilities in their code.

Too many tools

Powerful security tools have been developed to address this problem, bringing automated security testing to each step in the software development lifecycle. But each of these tools focuses on a different part of the process, resulting in organizations using multiple security tools. Today, enterprises use nine (or more) security tools on average.

As a result, software development teams have to sift through a tremendous volume of vulnerabilities recorded in siloed tools. It’s not just time-consuming, it’s error-prone. Without a centralized location to manage them, important vulnerabilities can get lost in the noise. 

Jira Software to the rescue

We’ve partnered with leading security vendors Snyk, Mend, Lacework, Stackhawk, and JFrog (with more to come) to integrate their popular tools into Security in Jira. Now, within the Security tab in Jira Software, teams have a centralized location to triage all the vulnerabilities spotted across their security tools and easily prioritize, assign, and manage tasks for development teams.

Get more context so you can address vulnerabilities earlier

The new Security tab provides software teams more context with the ability to filter and stack rank vulnerabilities by severity level. This helps software teams address the right vulnerabilities first to further accelerate development velocity and reduce the risk of each release.

Automatically create a Jira issue populated with security details

You can set Jira to automatically create an issue populated with security details for identified critical vulnerabilities and easily bring lower-priority vulnerabilities into sprint planning. This helps developers stay focused by minimizing ad hoc interruptions and also encourages intentional and thoughtful prioritization of security vulnerabilities.

"Teams are already managing their work in Jira Software. The new security tab brings security to the forefront of our weekly sprints and planning cycles. My development teams no longer need to go into a separate security tool, they get everything they need right here in Jira Software." - Jake Colman, VP of Engineering, Derivative Path

Bring security triaging into your existing rituals

Teams can finally see which vulnerabilities are being addressed and their status in one view. Security can become part of developers' existing workflow and make a DevSecOps implementation manageable.  

“Security in Jira integration is the ultimate dream for me - single source of truth for teams to work from.” Tom Austin, Devops & Tooling Engineer, Motability Operations

Jira Software makes it easy to bring security further into your existing development rituals. Atlassian is dedicated to helping teams unleash their full potential and we’re excited to see our customers move faster and deliver more value to their own customers with the assurance that they’re deploying secure features and products. Try the new security features in Jira today by enabling the security tab and integrating your tools – free to all Jira Software Cloud users!

Ready to release faster and safer? Join our upcoming webinar on 6/20 & 6/21 to learn how to make DevSecOps part of your development workflow with Jira.

How does your team currently address security issues in your workflows? Share your reaction or questions about our new security in Jira feature in the comments below!