You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.
View groupJoin the community to find out what other Atlassian users are discussing, debating and creating.
The security teams that I've worked with have had varying levels of integration between Jira and their monitoring tools. Here are a couple of examples:
In one of the simpler integrations, the monitoring tool sends an email to Jira Service Desk which used the Enterprise Message Handler for Jira app to create an Incident issue type and set the Request Type to Security based on the sender. We also used JEMH's regex parsing ability to set custom fields that identified the affected device (hostname, environment, location, etc.) This type of solution is very easy to implement but it doesn't scale very well. Once you have 100s or 1000s of devices reporting the same vulnerability you're left with a bunch of noise. At that time you need to rethink your integration and look into tools that can perform alert aggregation and correlation.
In a more complex integration, we wrote some custom middleware that sat between Jira, the customer's monitoring tool, and their CMDB to not only identify the impacted device but also auto-assign the incident to the manager of the team responsible for the device. The middleware used a polling interval to automatically create new incidents as they were identified and close out the incidents once the vulnerability is patched.
Connect with like-minded Atlassian users at free events near you!
Find an eventConnect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.
Host an eventYou're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events