Security in Jira (DevSecOps capabilities in Jira Software)

Jira Logo, symbol, meaning, history, PNG, brand Open DevOps - Security in Jira image.png

image-20230328-211630 (1).png

Secure your code from development to release

Shift-left security testing and catch vulnerabilities before they hit production.

In partnership with security testing experts, Jira Software Cloud enables security and development teams to collaborate in a single unified pane, by bringing vulnerabilities into the context of developer sprints. Apply to our early access program for a sneak peek into our latest DevSecOps capabilities.

Apply Now

 

All within Jira Software's Security tab, you can...

audit.pngAudit

Get a comprehensive view of all vulnerabilities impacting your project.

 

Frame 3640.pngAssess

Collaboratively triage vulnerabilities based on impact to code component and base.

Frame 3639 (1).pngAssign

Quickly file tickets with pre-populated fields and assign tickets to code authors.

image-20230413-235852.pngAutomate

Jira automatically links vulnerabilities to issues, providing the context needed for quick fixes.

 

 

Find your ultimate DevSecOps workflow

Test-in-depth security in crucial for any product security program. Open DevOps' aspires to support your ultimate DevSecOps workflow, no matter the tools you use. Explore the integrations Security in Jira supports today.

Snyk.png

Snyk

Try for free

1656871435755.jpeg

Mend (formerly WhiteSource)

Try for free 

channels4_profile.jpeg

Stackhawk 

Try for free

download.jpeg

Lacework

Try for free

 

Join the Open DevOps partnership program

In security testing, there will never be one tool, one vendor, or one security technique to rule them all. A safe, secure digital world is built together. Learn how your security testing solution can join our partnership program.

See our API support docs for technical information.

Contact us at platformpartners@atlassian.com for information on our program.

book.png

 

 catalog.png

Integrate your DevOps tools today

From Discover to Build to Deliver to Operate, Open DevOps supports your ultimate DevSecOps workflow, no matter the tools you use. See the full catalog of tools we support.

See catalog

 

25 comments

Bryan Guffey February 7, 2023

Is this Cloud-only? It would be helpful if the phrase “Jira Software Cloud” was used when talking about features only available in Cloud :)

Like # people like this
Tamulyn Takakura
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 7, 2023

Hi @Bryan Guffey . Great call out! Thanks so much for you suggestion on how we can improve our content. I've made adjustments to the article.

Yes, Security in Jira and all other Open DevOps capabilities are cloud-only. For more information on Open DevOps, check out this link: https://www.atlassian.com/solutions/devops 

Let me know if you have any other questions. I'm happy to help!

Like # people like this
Maximilian Hamm February 27, 2023

Dear @Tamulyn Takakura 

Is it necessary to use Snyk to be able to use the presented functions?

Tamulyn Takakura
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 28, 2023

Hi @Maximilian Hamm

Nice to e-meet you! Great question. Currently, the early access program is only for Snyk integrations. We are actively working on expanding support to a portfolio of security testing vendors beyond Snyk, so please keep an eye out! May I ask what security testing tools you're most interested in? We're currently collecting feedback on what our customer want to see.

Outside of our early access program for this feature, we support a variety of security testing vendors for Jira Software. You can see the full list here: https://marketplace.atlassian.com/search?marketingLabel=devops-security 

Like # people like this
Noushin Kananian March 3, 2023

Good info. Thanks for sharing your invaluable knowledge and experience. 

Like Tamulyn Takakura likes this
Danny
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 7, 2023

Cannot wait to get my hands on this and try it out myself. Thanks @Tamulyn Takakura for the update 

Like # people like this
Jamie Rogers May 4, 2023

Great info, thanks.

Like Tamulyn Takakura likes this
Fabio Racobaldo _Herzum_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 7, 2023

Very interesting info. Thanks for sharing @Tamulyn Takakura 

Like Tamulyn Takakura likes this
Oliver Siebenmarck _Polymetis Apps_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 11, 2023

Very cool! I'm so looking forward to trying out the Snyk integration. It's still EAP-only, right?

G subramanyam
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
May 11, 2023

Thank you for sharing the detail and API support document link.

Like Tamulyn Takakura likes this
Daani Faiz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 14, 2023

Hi @Oliver Siebenmarck _Polymetis Apps_ Great question! 

We are still running the EAP, however we will be rolling out the feature to customers in a public beta over the coming weeks. If you've submitted an early access request, stay tuned and we will look to get you enabled in the next few days.

Let me know if you have any other questions. I'm happy to help!


Like # people like this
ibrahim_aly May 17, 2023

Thank you for sharing a great article

Like Tamulyn Takakura likes this
Sara Tucker May 23, 2023

Hi! I was added to the EAP a several days ago but I still can't seem to find the option to toggle this on within a Software project. Anyone know of any troubleshooting steps I can try to get that to show up? 

Daani Faiz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 24, 2023

Hi @Sara Tucker

Thanks for reaching out.

Sorry to hear you haven't been able to get set up. To enable the feature:

1. Go to Project Settings and click Features (in the left side bar of your project)
2. Toggle the Security feature on.
3. Return to your project, and you will find the Security tab in the left sidebar.

If the steps provided above do not work, please reply to the "Feature On" email from our team with your Atlassian site ID (xxx.atlassian.net). From there we can make sure we've enabled the right ID.

Looking forward to getting you started with Security in Jira in our EAP! 



Like Sara Tucker likes this
Justyna Gdowik _ Deviniti _
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
May 25, 2023

That's some really valuable information! 🙌

Hana Kučerová
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
June 5, 2023

Thank you. I'm looking forward to trying it myself.

Like Daani Faiz likes this
Akshat Sharma June 12, 2023

Are there plans to enable Prisma for this integration?

Anthony Morais
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 14, 2023

Very good! Thanks for sharing

Daani Faiz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 21, 2023

Hi @Akshat Sharma

Thanks for your question. Security in Jira is currently live with Snyk, Mend, Lacework, Stackhawk and JFrog. As a part of this experience we are absolutely working to add in additional vendors. While we cannot confirm plans at this stage to integrate with Prisma, this is a great suggestion which our team will look into.

Please reach out if you have any other vendor suggestions!

praseeb kdas June 23, 2023

@Tamulyn Takakura  Very interesting Article. Thanks for sharing!

Jue Wang June 30, 2023

Is there any separate cost for this security integration? 

I assume we need a separate license with those third-party vendors like Snyk correct?

Rama krishna July 12, 2023

Nice Post

Nicholas Savage July 13, 2023

Prisma Cloud integration please.

Aside from the task/vulnerability management aspect of having this data in Jira, the other benefit would be exclusion management (typically for Lab environments or known/accepted vulnerabilities) as currently in Prisma Cloud one is not able to add meta data such as when the exclusion was added, why, for who etc. A use case to consider.

Mike P August 3, 2023

Any plans to bring this to Data Center?

Like Lorenzo Orsatti likes this
Magdalena Wisniewska December 19, 2023

Is the Early Access still available?

I am getting "Not Found" message when clicking on Apply Now.

TAGS
AUG Leaders

Atlassian Community Events