Integrating Invicti Standard with Jazz Team Server
Jazz Team Server – a part of IBM Application Lifecycle Management – is an issue-tracking system to maintain transparency and traceability across the entire development team.
This topic explains how to configure Invicti Standard to send a detected vulnerability to Jazz Team Server.
For further information, see Configuring the User Interface for Custom Send To Actions in Invicti Standard and Configuring Auto Send To Actions in Invicti Standard and What Systems Does Invicti Integrate With?.
Jazz Team Server Fields
This table lists and explains the Jazz Team Server fields in the Send to Actions tab.
Button/Section/Field | Description |
Action | This section contains general fields about the Send To Action. |
Display Name | This is the name of the configuration that will be shown in menus. |
Mandatory | This section contains fields that must be completed. |
Server URL | This is the Jazz Team Server instance URL. |
Username | This is the name of the user. |
Password | This is the password of the user. |
Project Area Id | This is the project identifier of the issue.
To identify the project area id, from the main menu, select Project Dashboards > Project Area. See the highlighted part in the URL for the project area id. |
Category Name | This is the category name. |
Vulnerability | This section contains fields with vulnerability details. |
Body Template | This is the template file that is used to create description fields. |
Title Format | This is the string format that is used to create the vulnerability title. |
Optional | This section contains optional fields. |
Tags | These are the work item tags, separated by a space. |
Due Days | This is the number of days between the date the issue was created to the date it’s due. |
Work Item Type | This is the type of work item (defect, task). |
Work Item Severity | This is the severity of the work item (blocker, critical, etc. ). |
Work Item Priority | This is the priority of the work item (high, medium, etc. ). |
How to Integrate Invicti Standard with Jazz Team Server
- Open Invicti Standard.
- From the Home tab on the ribbon, select Options > Send To Actions.
- From the Add drop-down, select Jazz Team Server.
- In the Mandatory section, complete the connection details:
-
- Server URL
- Username
- Password
- Project Area Id
- Category Name
- In the Vulnerability section, you can change the default Body Template and Title Format.
- In the Optional section you can specify:
-
- Tags
- Due Days
- Work Item Type
- Work Item Severity
- Work Item Priority
- Select Apply and OK.
You can select Create Sample Issue to confirm that Invicti Standard can connect to the configured system.
The issue is created in the Jazz Team Server as the following way:
How to Export Reported Vulnerabilities to Jazz Team Server
Please ensure that you have first configured Jazz Team Server integration (see How to Integrate Invicti Standard with Jazz Team Server).
- Open Invicti Standard.
- From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results.
- In the Issues panel, right-click the vulnerability you want to export and select Send to Jazz Team Server. (Alternatively, from the ribbon, select the Vulnerability tab, then Send To Jazz Team Server.) A confirmation message and link are displayed at the bottom of the screen.