Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

🔌 Plug into Jira: Seamlessly shift-left with Security in Jira

plug into jira banner.png

This week on our Plug into Jira series, we’re introducing new security capabilities in Jira Software Cloud, designed to help organizations better prioritize security by ensuring software teams have visibility into the security issues that need to be addressed. Along with our partners Snyk, Mend, Lacework, Stackhawk, and JFrog, we’re excited to empower teams to address security issues more effectively and earlier.

The expanding scope of DevSecOps

Companies big and small have been in the news for security issues recently. This has put security top of mind for organizations and fueled the adoption of DevSecOps – a practice that builds security into every aspect of software development. 

But securing software is not easy. As new technologies become part of the development process, each presents a new opportunity for attack. It is now virtually impossible for teams to consider every angle of security when building software, leaving organizations to manage the inevitable reality of vulnerabilities in their code.

Too many tools

Powerful security tools have been developed to address this problem, bringing automated security testing to each step in the software development lifecycle. But each of these tools focuses on a different part of the process, resulting in organizations using multiple security tools. Today, enterprises use nine (or more) security tools on average.

As a result, software development teams have to sift through a tremendous volume of vulnerabilities recorded in siloed tools. It’s not just time-consuming, it’s error-prone. Without a centralized location to manage them, important vulnerabilities can get lost in the noise. 

Jira Software to the rescue

illustration.png

We’ve partnered with leading security vendors Snyk, Mend, Lacework, Stackhawk, and JFrog (with more to come) to integrate their popular tools into Security in Jira. Now, within the Security tab in Jira Software, teams have a centralized location to triage all the vulnerabilities spotted across their security tools and easily prioritize, assign, and manage tasks for development teams.

Security in Jira - Partners (2).png

 

Get more context so you can address vulnerabilities earlier

Security in Jira - Triage (1).png

The new Security tab provides software teams more context with the ability to filter and stack rank vulnerabilities by severity level. This helps software teams address the right vulnerabilities first to further accelerate development velocity and reduce the risk of each release.

Automatically create a Jira issue populated with security details

Security in Jira - Issues (1).png

You can set Jira to automatically create an issue populated with security details for identified critical vulnerabilities and easily bring lower-priority vulnerabilities into sprint planning. This helps developers stay focused by minimizing ad hoc interruptions and also encourages intentional and thoughtful prioritization of security vulnerabilities.

"Teams are already managing their work in Jira Software. The new security tab brings security to the forefront of our weekly sprints and planning cycles. My development teams no longer need to go into a separate security tool, they get everything they need right here in Jira Software." - Jake Colman, VP of Engineering, Derivative Path

Bring security triaging into your existing rituals3rd image.jpeg

Teams can finally see which vulnerabilities are being addressed and their status in one view. Security can become part of developers' existing workflow and make a DevSecOps implementation manageable.  

“Security in Jira integration is the ultimate dream for me - single source of truth for teams to work from.” Tom Austin, Devops & Tooling Engineer, Motability Operations

Jira Software makes it easy to bring security further into your existing development rituals. Atlassian is dedicated to helping teams unleash their full potential and we’re excited to see our customers move faster and deliver more value to their own customers with the assurance that they’re deploying secure features and products. Try the new security features in Jira today by enabling the security tab and integrating your tools – free to all Jira Software Cloud users!

webinar banner.png

Ready to release faster and safer? Join our upcoming webinar on 6/20 & 6/21 to learn how to make DevSecOps part of your development workflow with Jira.

How does your team currently address security issues in your workflows? Share your reaction or questions about our new security in Jira feature in the comments below!

38 comments

Joanna Maciag June 6, 2023

Any possibility to have it for JIRA Data Center 

Like # people like this
Josh Frank
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 6, 2023

@Joanna Maciag  This is not currently on the Jira Data Center roadmap but we will take your request to the appropriate teams.

Like # people like this
Dan_Tombs June 7, 2023

I was on the webinar today around creating great developer experiences & I love how Jira is forming the command centre to what would otherwise be a lot of context switching. Yes you often have certain individuals spending more time in certain applications, but true to all businesses. If you are making a decision based on only half the information, chance of success is diminished. When it comes to making sure the team is focusing on the right issues or making sure we aren't disturbing them (no developer likes to be disturbed from their zone), bringing all the information into a single view means making those decisions gets easier.

 

Love the whole open DevOps culture being built here.

Like # people like this
Muriel S_ Thiago Ledoux Rupp June 7, 2023

Is yesterday's webinar record available? I'd like to send to my leadership and ask them if we can try Compass. Thanks!

Like # people like this
Josh Frank
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 7, 2023

@Muriel S_ Thiago Ledoux Rupp here's the recording of the webinar on building great developer experiences https://youtu.be/xriRD7ugX20 

Like # people like this
Randy O_Neal
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 7, 2023

Excellent... thanks for sharing!

Like # people like this
Summer.Hogan
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 7, 2023

Thanks for the recording @Josh Frank! I'll give it a watch! 

Like # people like this
Amanda Barber
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 7, 2023

Another fantastic article in this series. Thank you so much!

Like # people like this
Sayed Bares [ServiceRocket]
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 8, 2023

Love this series, thank you for sharing :) 

Like # people like this
Marjorie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 9, 2023

Very applicable for today, thanks!

Brant Schroeder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 9, 2023

Hopefully this comes to data center.

Like Tim H_ likes this
Anthony Morais
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 14, 2023

Amazing...Thanks for sharing!

Mike Boucher June 14, 2023

When can we expect this to be launch in current Jira cloud instances?  

Josh Frank
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 14, 2023

@Mike Boucher This is available for all Jira Software Cloud customers today. Get started by integrating with one of our supported security vendors in the Atlassian marketplace and then toggle on the security feature in the Jira Software features page. 

Screenshot 2023-06-14 at 2.20.07 PM.png

Matt Leebody June 15, 2023

@Josh Frank Can this dashboarding and project-specific security views be used without integrating with a specific tool? There's useful potential here but I don't want to buy a specific product to use it.

Like # people like this
Jose Erney Ospina June 15, 2023

Nice, thanks for sharing.

Alberto Azambuja June 15, 2023

@Josh Frank can we use the Jira API to populate the Security tab information?

The feature is fantastic, but we do not use any of the supported Vendors, we have a different open source solution we would like to integrate

Like # people like this
Ajay _view26_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 16, 2023

Excellent... thanks for sharing!

Marjorie
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 16, 2023

Thank you for this information!

Ankit Srivastava
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 17, 2023

Excellent...!!!
Thanks for sharing!

Hemant Khot
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 20, 2023

thanks for sharing.

Emily _ DevSamurai
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
June 20, 2023

thank you for sharing!

Martin Muguiro June 21, 2023

I could not assist, do you have the webinar recording to share? 

Daani Faiz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 21, 2023

Hi @Matt Leebody

Thanks for your question! Security in Jira currently is limited to use only once you have integrated one of our 5 available vendors (Snyk, Mend, Stackhawk, Lacework, JFrog). 

This is great feedback. Using the Security view without integrating a tool is suggestion which our team will explore.

Like Joe Pursel likes this
Daani Faiz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 21, 2023

Hi @Alberto Azambuja

Thanks for posting. Currently the Jira API cannot be used to populate security tab information. 

We appreciate the feedback and will add this feature suggestion to our backlog to explore further. 

We are also looking to expand our vendor offering. So additionally, if you do have a request for a security tool you would like us to consider please reach out! 

Like Joe Pursel likes this
TAGS
AUG Leaders

Atlassian Community Events