Integrating Invicti Standard with Jazz Team Server
Jazz Team Server – a part of IBM Application Lifecycle Management – is an issue-tracking system to maintain transparency and traceability across the entire development team.
This topic explains how to configure Invicti Standard to send a detected vulnerability to Jazz Team Server, enabling seamless integration with your application lifecycle management workflow for efficient vulnerability work item tracking and remediation management.
Jazz Team Server Fields
The following table lists and explains the Jazz Team Server fields available in the Send to Actions configuration:
| Button/Section/Field | Description |
|---|---|
| Action | This section contains general fields about the Send To Action. |
| Display Name | This is the name of the configuration that will be shown in menus. |
| Mandatory | This section contains fields that must be completed. |
| Server URL | This is the Jazz Team Server instance URL. |
| Username | This is the name of the user. |
| Password | This is the password of the user. |
| Project Area Id | This is the project identifier of the issue. To identify the project area id, from the main menu, select Project Dashboards > Project Area. |
| Category Name | This is the category name. |
| Vulnerability | This section contains fields with vulnerability details. |
| Body Template | This is the template file that is used to create description fields. |
| Title Format | This is the string format that is used to create the vulnerability title. |
| Optional | This section contains optional fields. |
| Tags | These are the work item tags, separated by a space. |
| Due Days | This is the number of days between the date the issue was created to the date it's due. |
| Work Item Type | This is the type of work item (defect, task). |
| Work Item Severity | This is the severity of the work item (blocker, critical, etc.). |
| Work Item Priority | This is the priority of the work item (high, medium, etc.). |
See the highlighted part in the URL for the project area id.
How to Integrate Invicti Standard with Jazz Team Server
Follow these steps to configure Jazz Team Server integration for automated vulnerability work item creation:
- Open Invicti Standard
- From the Home tab on the ribbon, select Options > Send To Actions
- From the Add drop-down, select Jazz Team Server
- In the Mandatory section, complete the connection details:
- Server URL
- Username
- Password
- Project Area Id
- Category Name
To identify the project area id, from the main menu, select Project Dashboards > Project Area. See the highlighted part in the URL for the project area id.
-
In the Vulnerability section, you can change the default Body Template and Title Format
-
In the Optional section you can specify:
- Tags
- Due Days
- Work Item Type
- Work Item Severity
- Work Item Priority
-
Select Apply and OK
You can select Create Sample Issue to confirm that Invicti Standard can connect to the configured system. The issue is created in the Jazz Team Server as configured.
The issue is created in the Jazz Team Server as the following way:
How to Export Reported Vulnerabilities to Jazz Team Server
After configuring the Jazz Team Server integration, follow these steps to export specific vulnerabilities:
Please ensure that you have first configured Jazz Team Server integration (see How to Integrate Invicti Standard with Jazz Team Server).
- Open Invicti Standard
- From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results
- In the Issues panel, right-click the vulnerability you want to export and select Send to Jazz Team Server. (Alternatively, from the ribbon, select the Vulnerability tab, then Send To Jazz Team Server.) A confirmation message and link are displayed at the bottom of the screen
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center