Experimenting with Snyk Apps and Atlassian’s Forge development platform, our partner solutions architect Carwin Young built a new open source app: Snyk Auto-Issues for Jira. This new, open source app automatically creates new Jira issues for security issues discovered by Snyk.
This new app is featured as part of the Atlassian Jira Toolchain page, which is an exciting new experience for easily discovering, connecting, and visualizing your software development tools in Jira.
How does it work?
The Jira app subscribes to a webhook configured within Snyk to automatically pull vulnerability scan results and create new Jira issues for any security issues discovered. Within the Jira platform, you can map Jira projects to track specific Snyk projects. This can be a one-to-one project mapping, or a single Jira project can monitor multiple Snyk projects.
Once this is set up, Jira issues will be created on the Jira board for newly discovered security issues. The integration also gives organizations the flexibility to limit new Jira tickets to a certain vulnerability severity level. This helps development teams prioritize vulnerability remediation to have the greatest impact on an application’s security posture.
Snyk Auto-Issues for Jira requires a Snyk subscription and you can start a free 14 day trial today — no strings, no credit card required. All you need to do is log in to your Snyk account, request a free Snyk Business plan trial, and then sign up for the new Jira application for free in the Atlassian Marketplace.
Since this is an open source, community-driven integration, all the development and documentation happens here on GitHub. If you’re interested in contributing new features, fixing bugs, or are simply interested in the source code please stop by and take a look!