Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.
Cobalt PtaaS + DAST combines manual pentests and automated scanning for comprehensive applications security.

Bi-Directional Integration With Jira

What is bi-directional integration? Click here to find how to sync between Jira tickets and Cobalt findings and save tremendous time.

Make sure to check out our Integrations page for more info! 

One of the powerful features we unveiled as part of our significant lineup of product enhancements in March is finally available for our customers: bi-directional integration with the world’s leading issue tracker platform, Jira.

What is Jira bi-directional integration?

In a DevOps environment, where agile teams do multiple code releases and hundreds of builds a day, effective communication, transparency, and collaboration are key. With Jira bi-directional integration, we’re delivering these critical values by giving the ability for security and development teams to work on findings seamlessly through their workflow tools and communicate via the Cobalt platform.

Instead of having the security team manually upload pentest findings into Jira, finding details now become available as soon as they are approved by the lead pentester on the Cobalt platform. This two-way integration makes sure developers can plan or start working on the fix immediately.

In addition to enabling status sync between Jira tickets and Cobalt findings, the retest request can also be automatically triggered on the Cobalt platform when the finding is fixed or closed by the developers on Jira. This decreases additional effort by your team by removing the need for an additional step to report back status.

Why bi-directional integration is important for agile teams

During a typical pentest engagement, it takes 5 to 7 days to make the finding data available to agile teams, and 2 to 4 days to let pentesters know that a fix is put in place. Due to the manual workload on each involved team, testers are notified much later in the process to retest the fix.

Bi-directional integration with Jira shrinks this time gap to notify testers about the changes and helps alleviate the burden and dependency on security team members in the entire pentest remediation process.

How it works

The Cobalt Jira Cloud plugin can be easily downloaded from the Atlassian Marketplace with no additional cost:

  • Search for Cobalt plugin in Atlassian marketplace (Jira Admin)

Integration_2-1 Cobalt plugin in Atlassian marketplace: Finding the app

  • Download the app from the marketplace (Jira Admin)

Integration3-1 Cobalt plugin in Atlassian marketplace: Downloading the app

Cobalt plugin in Atlassian marketplace: Downloading the app

Once the Jira plugin is installed, you can get started on the Cobalt platform immediately!

Here are a few of the coolest things you can do as soon as you have securely connected Cobalt and Jira platforms:

  • Define the Jira project, issue type, label(s), and Jira ticket to Cobalt finding state mapping for each pentest. The configuration applies to each finding submitted by pentester for each pentest engagement.

Jira project<>pentest configuration on the Cobalt platform: Defining project settings

Jira project<>pentest configuration on the Cobalt platform: State mapping

  • Control (enable/disable) automatic pushing of findings for each pentest and view the last sync updates

Jira project<>pentest configuration on the Cobalt platform: Enable/Disable and Last sync update

As we continue to lead PtaaS, we are always looking for ways to ensure Cobalt is the most innovative solution for DevOps-driven software companies that want to implement security across the development lifecycle and optimize application security processes.

Curious to learn more? Check out Cobalt in action with an on-demand PtaaS Demo!

Back to Blog
About Yogi Petkar
Yogi Petkar has more than 15 years of experience working in the technology sector with companies ranging from fortune 500 to startups. He currently works at Cobalt, a fully remote cybersecurity company with a mission to modernize traditional pentesting via a SaaS platform coupled with an exclusive community of vetted, highly skilled testers. He leads the Customer Experience Product Management team and shares regular PtaaS platform updates via his content deep dives highlighting new penetration testing features. More By Yogi Petkar
Cobalt Release Blog: February 2023
Read about the improvements we launched to our PtaaS Platform last month: new integrations, asset vulnerability updates, and more.
Mar 10, 2023