ENTERPRISE

Integrating Burp Suite Enterprise Edition with Jira

  • Last updated: September 9, 2022

  • Read time: 3 Minutes

If you or your teams use Jira, you may like to integrate this with Burp Suite Enterprise Edition. Once configured, this enables you to create Jira tickets from directly within Burp Suite Enterprise Edition for any security vulnerabilities found by your scans. Integration is supported for both Jira Cloud and Jira Server.

Note

If your Jira server is configured to use HTTPS, you need to make sure that it has a CA-signed certificate. Burp Suite Enterprise Edition does not support integration using self-signed certificates.

To integrate with Jira, Burp Suite Enterprise Edition must be linked to a specific Jira user.

All Jira projects that the user has permission to create tickets in will be exposed to Burp Suite Enterprise Edition. For this reason, we recommend creating a new Jira user specifically for the integration.

Generate a Jira API token (Jira Cloud only)

If you want to integrate a cloud-based Jira installation, you first need to create a Jira API token. Burp Suite Enterprise Edition uses this to authenticate itself with Jira.

For Jira Server deployments, you can skip this step.

  1. Log in to Jira as the user that you want to use for the integration.
  2. In Jira, click your user icon and open your account settings.
  3. From the account settings page, select Security.
  4. Click Create and manage API tokens.
  5. Click Create API token.
  6. Enter a label for the token and click Create.
  7. Copy the token to your clipboard and save it somewhere secure.

Note

You will not be able to view or copy this token again once you close the popup.

Connect Burp Suite Enterprise Edition to Jira

To connect Burp Suite Enterprise Edition to Jira:

  1. Log in to Burp Suite Enterprise Edition as an administrator.
  2. From the settings menu, select Integrations.
  3. On the Jira tile, select Configure.
  4. Enter the URL for your Jira server in the Jira URL field.
  5. Click Continue.
    Enter the URL for Jira
  6. The next step depends on which type of Jira deployment you have:
    • For Jira Cloud deployments, enter the email address and the API token of the Jira user that you created earlier. Click Continue.
    • For Jira Server deployments, enter the username and password of the Jira user that you created earlier. Click Continue.
    Enter the Jira account details

If Burp Suite Enterprise Edition successfully connects to Jira, you'll be presented with options to configure both manual and automatic ticket creation.

Note

You must enable at least one of these in order to complete the Jira configuration.

Enable manual Jira ticket creation

To enable users to create Jira tickets manually from within Burp Suite Enterprise Edition, you need to configure the list of Jira projects and ticket types that they can choose from:

  1. Select a project from the Project drop-down list.
  2. Select a ticket type from the Ticket Type drop-down list.
  3. Click the + symbol.
  4. If necessary, repeat these steps to add more projects and ticket types.

    Note

    You need to add separate entries for each ticket type, even when adding multiple ticket types from the same project.

  5. Click Save.
    Enable manual ticket creation for Jira

Enable automatic Jira ticket creation

You can configure Burp Suite Enterprise Edition to create Jira tickets automatically. Tickets are created for any issues that meet the minimum severity and confidence levels that you specify.

Note

To avoid inadvertently flooding your Jira backlog with an overwhelming number of tickets, we recommend setting high severity and confidence levels initially. You can then lower these once you have a better understanding of how many tickets are created as a result of your scans.

  1. Click Enable.
  2. Select a project from the Project drop-down list.
  3. Select a ticket type from the Ticket Type drop-down list.
  4. Use the sliders to set the minimum issue severity and confidence levels that trigger Jira ticket creation.
  5. Click Save.
    Enable automatic ticket creation for Jira

Manually creating Jira tickets

For information on how users can manually create Jira tickets, refer to Raise Jira tickets from within Burp Suite Enterprise Edition.

Was this article helpful?