Skip to main content

Ticketing and issue tracking

The Veracode integrations for ticketing and issue-tracking systems enable you to automatically create tickets and merge them into defect backlogs.

The tickets contain information about the production-level and sandbox vulnerabilities identified during Veracode application security scans. These tickets are then managed like all application bugs or defects and are automatically given a severity, assigned to developers, and prioritized.

note

Veracode APIs and integrations require access to specific Region Domains, depending on the region for your Veracode account. Contact your IT team to ensure the correct domains for your region are on the allowlist for your organization. Also, ensure that there is one-way communication on port 443 to the domain for the REST APIs. Refer to the complete list of domains and IP addresses to add to your allowlist.

To learn more about these integrations and interact with other users, visit the Community forum.

To keep the status of imported findings in your ticketing system in sync with the status of the actual findings in the Veracode Platform, you must routinely run the integration.

Veracode integrates with the following ticketing and issue-tracking systems:

Asana

To import and manage findings in Asana with an extension, see Ticketing integrations.

Integration type: Community

Azure DevOps

To import and manage findings in Azure DevOps with an extension, see Azure DevOps Extension.

Integration type: Veracode-Authored

Bugzilla

To import and manage findings in Bugzilla with the Java API wrapper, see Bugzilla.

Integration type: Veracode-Authored

DefectDojo

To import Dynamic Analysis vulnerabilities from DAST Essentials and manage them in DefectDojo, see DAST Essentials.

Integration type: Community

Jira

Select from the following integrations:

Integration type: Veracode-Authored

Jira Cloud

Select from the following integrations:

Integration type: Veracode-Authored

ServiceNow

To import and manage findings in ServiceNow, download the extension Vulnerability Response Integration with Veracode from the ServiceNow Store. To use this extension, your Veracode account must have access to the Reporting API.

Integration type: Partner