Vuln2jira

przełącz na pl

Vuln2jira is a one of the component of the Security Center Extension Pack developed by OpenBiz, the Gold Partner of Tenable Inc. and member of Tenable Assure program. Security Center Extension Pack is set of components extending capabilities of Tenable’s Security Center. Vuln2jira connects Security Center and JIRA and automate issues’ creation and update and maintenance process.

Key features:

  1. Work in two modes:
    1. one host is one issue
    2. each vulnerability is a separate issue
  2. Handle unlimited number of JIRA projects
  3. Automatic creation of issues in JIRA based on information from Security Center
  4. Automatic issues management based on information from Security Center: changes of status, closing, reopening, content updates
  5. CSV files containing vulnerabilities lists can be attached to issues in order to integrate with external patch management systems
  6. Enable to fully configure schema of the name of issues in order to help viewing their lists
  7. Flexible configuration of data downloaded from Security Center: filtering by IP address, severity level, repository or asset
  8. Redirect automatically to defined assignee and establish list of watchers
  9. Local data caching accelerate analysis data from Security Center and its comparison with JIRA issues
  10. Vuln2jira operates on Linux (recommended) and MS Windows

Operation scheme:

Vuln2jira implements Deming Cycle paradigm. Following four steps are executed at every application run:

  1. Import of vulnerabilities – connect to Security Center server and download information about vulnerabilities according to definied filtering: IP address, severity level, repository and assets
  2. Analysis and comparison – vulnerability information downloaded from Security Center server are analyzed and compared with JIRA issues. Caching significantly accelerates operation
  3. New issues creation - for newly found vulnerabilities the new JIRA issues are created
  4. Issues status update – existing issues are automatically verified basing on its status and content update.

wykres en

“One host is one issue” mode:

For each host with existing vulnerabilities (according to filters set in configuration) JIRA issue is created. It contains:

  1. In “Description” field identification of the host (DNS name and operation system), total Score, number of vulnerabilities by threat level (Critical, High, …),
  2. In “Attachments” field attached csv files contain vulnerabilities list with Description and Solution fields
  3. Comments about changes made in issue description: open, reopen, change of vulnerability list since last run
  4. “Assignee” and “Watchers” fields are filled according to the vuln2jira configuration

If vulnerability was found for existing issue with status “Closed” change is made automatically to “Reopened”. Also if vulnerabilities exist for “Resolved” issue, change is made to “Reopened”. Automatically another CSV attachment is created, “Description” field is updated and new comment about changes in vulnerabilities list appear.

For issues with no existing vulnerabilities status is automatically changed to “Closed”.

JIRA screen

“ONE vulnerability is ONE issue” mode:

For every vulnerability found according to filter set in vuln2jira issue is automatically created in this mode. Issues’ closing and reopening is managed by the program. This mode is recommended for well patched systems only (with relatively small number of vulnerabilities). Otherwise huge number of issues may saturate JIRA and affect the performance.

If vulnerability was found for existing issue with status “Closed” change is made automatically to “Reopened”. Also if vulnerabilities exist for “Resolved” issue, change is made to “Reopened”. Automatically  “Description” field is updated and new comment about changes in vulnerabilities list appear.

For issues with no existing vulnerabilities status is automatically changed to “Closed”.

Vuln2jira extensions:

Plugin “Accept Risk Add-on” is available for purchase. It extends functionality of vuln2jira by enabling registering AcceptRisk request in Security Center from JIRA.

Prices and availability:

Prices, license terms and conditions, orders and other requests should be addressed to Ten adres pocztowy jest chroniony przed spamowaniem. Aby go zobaczyć, konieczne jest włączenie w przeglądarce obsługi JavaScript.