We’re happy to announce another helpful integration for Sonatype Lifecycle — our new and improved Sonatype IQ Add-on for JIRA!
Anyone involved in the product development process knows just how critical Atlassian’s tools (and similar tooling) are, for, well...product development. JIRA, in particular, helps teams — from engineering managers to development to customer support — keep track of tickets, bug fixes, and product requirements. It’s always been a critical aid to the actual implementation of DevOps, as it creates the communication portal through which teams across the company can collaborate on development tasks.
Our improved Sonatype IQ JIRA Add-On puts remediation right in the development workflow—getting violations in front of the people who can fix them. By automatically creating JIRA tickets for policy violations, development teams can infuse application security right into their workflow. Tickets are created at the component level for its respective JIRA project, informing developers of the severity of a threat and generating an actionable bite-size piece of work.
The best part? No more lengthy, untrackable lists of vulnerabilities. With violation reporting in JIRA, the administrative overhead of managing a lengthy bug list is eliminated. Component fixes are assigned with one-click and tracking is as easy as it is for any development task. That was easy.
This provides an instinctive way to communicate policy violations, as well as remediation guidance via Sonatype Lifecycle, for development teams that are already using JIRA for feature development and bug reporting.
Ready to download the Sonatype IQ JIRA Add-on? Click here to download it on the Atlassian Exchange and check out our install instructions here.
Brianne Strozewski coauthored this post.
