DAST (Sites) Configuration

Select the DAST (Sites) Configuration tab to set your default reporter and assignee, map assets or groups to Jira projects, and map ticket priority to Continuous Dynamic ratings.

To configure the Continuous Dynamic Plugin for Jira Cloud, perform the following steps:

  1. On the app page, select the DAST (Sites) Configuration tab.

    DAST config cloud jira plugin 1

  2. Set the default Jira assignee for a given asset (site or application) and associated Jira project. (This will map these assets to the Jira project(s) in question.) To set default assignees by group rather than asset, select the Sentinel Groups radio button. In this case, all assets in a group will be associated to the Jira project selected.

Mapping Configuration

  1. Select an asset from the list of DAST Assets.

    DAST config cloud jira plugin 2

  2. Select a project from the Projects list to assign.

    The autocomplete for some fields might not populate until you enter an exact match. This is due to an Atlassian limitation.

  3. Enter the name or email of your Jira User Reporter in the search bar provided and then select them from the list.

  4. Enter the name or email of your Jira User to assign in the search bar provided and then select them from the list.

  5. Select the Jira Issue Type from the drop down list.

  6. The value of Jira Issue Status for OPEN Issues is automatically set based on the Jira project workflow. The drop-down menu is disabled and manual change is not possible.

  7. Select a Jira Issue Transition For Closed Issues. In this menu, you can choose the status of Jira tickets that are closed by the Plugin: Done, In Review, or Closed. These values can differ depending on the selected Jira Issue Type.

  8. You can create Custom Issue Labels, which apply to each Jira Issue in the selected Jira Project.

  9. If you want to map your DAST assets to multiple Jira Projects you can add another Mapping Configuration by clicking the Add Mapping Configuration“ button. To configure another Mapping Configuration follow previous steps (1-8).

  10. If you wish to remove Mapping Configuration click Remove Mapping Configuration. It is not possible to remove the first Mapping Configuration. In case you don’t want DAST integration to run simply disable DAST integration in the Basic Configuration tab.

  11. Click Save All Mapping Configurations. If saving was successful, a message will appear. If the message does not appear, refer to the Monitoring/Debugging section.

Allow only vulnerabilities with tags

  1. In the Allow only vulnerabilities with tags text box, you can define one or more tags. Only DAST assets which include the defined tag(s) will be processed by the Plugin.

    SAST config cloud jira plugin 3
    If the input is empty and does not contain any tag(s), all selected DAST assets will be processed.

  2. Click Add Tag/s to save your changes. The success message should appear. If the message does not appear, refer to the Troubleshooting section.

Authorize Jira Groups to View/Interact Vulnerability Content (Retesting, TRC Team Responses, Add note and tag, and Submit Questions)

  1. Select one or multiple Jira User Groups which will be authorized to view retesting status of asset/vulnerability, and TRC team responses. This group is authorized to Add Notes and Tag/s and Submit questions related to a specific vulnerability opened in Jira Issue view.

    SAST config cloud jira plugin 4

  2. Click Authorize Groups.

Customize Jira Issue

  1. Click Customize Jira Issue.

    SAST config cloud jira plugin 5

  2. Edit the Customize Jira Issue Summary text field.

  3. Edit the Customize Jira Issue Description text field.

  4. When you have completed configuration for DAST (Sites) according to your preferences, click Save Customization.

  5. To restore the default values, click Restore default values.

You must click Save Customization after selecting Restore default values to keep the default values.