The Issues Page with the Continuous Dynamic Plugin for Jira Data Center

The Issues page of every vulnerability created by the Continuous Dynamic Plugin for Jira Data Center has now integrated key Continuous Dynamic features, allowing users to get the information they need to remediate vulnerabilities without leaving Jira.

Continuous Dynamic’s vulnerability data is presented in the description section of the Issue. At the bottom of every Issue you will see the Continuous Dynamic - Vulnerability Management section.

In order to see this information, you must have configured your Global Settings appropriately. For more information, see Configure Global Settings / Configure Vulnerability Content. For troubleshooting help, see Troubleshooting.

Enable Vulnerability Management

To enable Vulnerability Management, perform the following:

  1. When completing the Configure Global Settings, select the Yes radio button.

    issue page jira plugin 1

  2. Select Save.

Adding a Note or Tag

To add a Note or Tag using the Vulnerability Management functions perform the following steps:

  1. From the Jira system Dashboard, select Issues.

    issue page jira plugin 2

  2. Select an Issue.

  3. Click Continuous Dynamic - Vulnerability Management to expand the section.

    issue page jira plugin 3

    1. Optionally, to retest this Issue select Vulnerability Retest.

      issue page jira plugin 3.1

    2. Select from the drop down menu which update type you want to add.

    3. Select from the drop down menu which attack vector the note or tag will be added to.

      For SAST and MAST assets, the option to select an Attack vector is unavailable.

    4. Type the Note or Tag in the text field.

    5. Click Submit.

  4. If the Note or Tag is successfully added, the following message is displayed.

    issue page jira plugin 4

Ask a Question

To ask a question using the Vulnerability Management functions, perform the following steps:

  1. From the Jira system Dashboard, select Issues.

    issue page jira plugin 2

  2. Select an Issue.

  3. Click Continuous Dynamic - Vulnerability Management to expand the section.

    issue page jira plugin 3

    1. From the drop down menu, select the Category that your question belongs to.

    2. Type your question in the text field.

    3. Select Submit to send your question to the Black Duck support team.

      issue page jira plugin 5

  4. If the question is successfully submitted, the following message is displayed.

    issue page jira plugin 6

  5. Previous questions and responses can be reviewed in the Ask a Question section of the Vulnerability Management functions.

The Retest and Add Tag or Note Vulnerability Management functions are only available for DAST Issues.

View Vulnerability Trace

To view vulnerability traces for Continuous Dynamic issues with a description and solution, perform the following steps:

  1. From the Jira system Dashboard, select Issues.

    issue page jira plugin 7

  2. Select an Issue.

  3. At the bottom of the Description, click the link for More information. This includes the vulnerability traces, description and solution.

    issue page jira plugin 8

  4. This table displays the Vector ID, Line Number and code Snippet relating to this vulnerability.

    issue page jira plugin 9

  5. The Description tab offers a description of the vulnerability class in question.

  6. The Solution tab will offer an approach to resolving the vulnerability in question.

For troubleshooting help, please see Troubleshooting the Continuous Dynamic Plugin for Jira Data Center.