Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Support
Integrations

Integrating Invicti Standard with Redmine

This document is for:
Invicti Standard

Redmine is an issue tracking system that is part of a larger, flexible project management web application. It is free and open source, cross-platform and cross-database. Redmine is written using the Ruby on Rails framework.

This topic explains how to configure Invicti Standard to send a detected vulnerability to Redmine (including using the wizard).

For further information, see Configuring the User Interface for Custom Send To Actions in Invicti Standard and Configuring Auto Send To Actions in Invicti Standard and What Systems Does Invicti Integrate With?.

Redmine Fields

This table lists and explains the Redmine fields in the Send to Actions tab.

Button/Section/Field

Description

Add

Click to add an integration.

Delete

Click to delete the integration and clear all fields.

Configure Send To

Click to configure the integration using the Settings Wizard instead of doing it manually.

Create Sample Issue

Once all relevant fields have been configured, click to create a sample issue.

Action

This section contains general fields about the Send To Action

Display Name

This is the name of the configuration that will be shown in menus.

Mandatory

This section contains fields that must be completed.

URL

This is the Redmine instance URL.

API Access Key

This is the API Access Key for authentication.

Project ID

This is the project identifier of the issue.

Priority ID

This is the priority identifier.

Vulnerability

This section contains fields with vulnerability details.

Body Template

This is the template file that is used to create description fields.

Title Format

This is the string format that is used to create the vulnerability title.

Optional

This section contains optional fields.

Tracker ID

This is the tracker identifier.

Status ID

This is the status identifier.

Category ID

This is the category identifier.

Assignee ID

This is the assignee identifier.

Due Days

This is the number of days between the date the issue was created to the date it's due.

Is Private

This indicates whether the issue is accessible only to the assignee.

Custom Fields

These are the custom fields that are defined for the project.

Click the ellipsis () to open the Custom Fields Editor dialog.

In the Edit Custom Field Value field, enter the value and click OK.

How to Integrate Invicti Standard with Redmine

  1. Open Invicti Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Send To Actions.

  1. From the Add dropdown, select Redmine. The Redmine fields are displayed.

  1. In the Mandatory section, complete the connection details:
    • URL
    • API Access Key
    • Project
    • Priority ID
  2. In the Vulnerability section, you can change the default Body Template and Title Format.

Body templates are stored in %userprofile%\Documents\Invicti\Resources\Send To Templates. If you use your own custom templates, store them in this location.

  1. In the Optional section you can specify:
    • Tracker ID
    • Status ID
    • Category ID
    • Assignee ID
    • Due Days
    • Is Private
    • Custom Fields
  2. To set custom field values, in the Custom Fields field, click the ellipsis button.
  3. In the Edit Custom Field Value field, enter the relevant value.

  1. Click OK.
  2. Click Create Sample Issue to confirm that Invicti Standard can connect to the configured system. The Send To Action Test confirmation dialog is displayed.

  1. In the Send To Action Test dialog, click the Issue number link to open the issue in Redmine in the default browser.

How to Integrate Invicti Standard with Redmine Using the Wizard

Instead of configuring the settings manually, the configuration wizard can help you with the settings.

  1. Open Invicti Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Send To Actions.                                        
  4. From the Add dropdown, select Redmine. The Redmine fields are displayed.

  1. Click Configure Send To to launch the wizard. The Send To Configuration dialog is displayed.

  1. Click Next. The Authentication step is displayed.

   

  1. Complete the URL and API Access Key fields, and click Test Credentials.
  2. When the confirmation message, Your credentials are confirmed, is displayed, click Next. The Project step is displayed.

  1. Select a project, and click Next. The Priority step is displayed.

   

  1. Select a priority, and click Next. The Tracker step is displayed.

  1. If required, select a tracker, and click Next. The Status step is displayed.

  1. If required, select a status, and click Next. The Category step is displayed.

  1. If required, select a category, and click Next. The Assignee step is displayed.

  1. If required, select an assignee, and click Next. The Optional Fields step is displayed.

  1. If required, complete the Due Days and Is Private fields, and click Next. The Summary step is displayed.

  1. Review your settings, and click Finish. The Settings are applied automatically. You are returned to the Send To Actions fields.
  2. To set custom field values, in the Custom Fields field, click the ellipsis button.
  3. In the Edit Custom Field Value field, enter the relevant value.

  1. Click OK.
  2. Click Create Sample Issue to confirm that Invicti Standard can connect to the configured system. A Send To Action Test confirmation dialog is displayed.

  1. In the Send To Action Test dialog, click the Issue number link to open the issue in Redmine in the default browser.

How to Export Reported Vulnerabilities to Projects in Redmine

Please ensure that you have first configured Redmine integration (see How to Integrate Invicti Standard with Redmine).

  1. Open Invicti Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results.

  1. In the Issues panel, right click the vulnerability you want to export and select Send to Redmine. (Alternatively, from the ribbon, click the Vulnerability tab, then Send To Redmine.) A confirmation message and link is displayed at the bottom of the screen.

  1. Click the Redmine Send To Action is executed for the selected vulnerability. link to view the newly-created issue in Redmine.
  2. The vulnerability is automatically exported to Redmine. You can view it in Redmine's Issues tab.

Top Articles

What is Invicti?

Overview of Scan Policies

Scheduling Scans

Managing Integrations

Built-In Reports

Invicti Help Center

Our Support team is ready to provide you with technical help.

Go to Help Center This will redirect you to the ticketing system.