Anyone involved in the product development process knows just how critical Atlassian’s tools (and similar tooling) are, for, well...product development. JIRA, in particular, helps teams -- from engineering managers to development to customer support -- keep track of tickets, bug fixes, and product requirements. It’s always been a critical aid to the actual implementation of DevOps, as it creates the communication portal through which teams across the company can collaborate on development tasks.
Our improved Nexus IQ JIRA Add-On puts remediation right in the development workflow—getting violations in front of the people who can fix them. By automatically creating JIRA tickets for policy violations, development teams can infuse application security right into their workflow. Tickets are created at the component level for its respective JIRA project, informing developers of the severity of a threat and generating an actionable bite-size piece of work.
The best part? No more lengthy, untrackable lists of vulnerabilities. With violation reporting in JIRA, the administrative overhead of managing a lengthy bug list is eliminated. Component fixes are assigned with one-click and tracking is as easy as it is for any development task. That was easy.
This provides an instinctive way to communicate policy violations, as well as remediation guidance via Nexus Lifecycle, for development teams that are already using JIRA for feature development and bug reporting.
Brianne Strozewski coauthored this post.