Adding Vulnerabilities

dc_ukws · October 23, 2024, 4:06pm

hi, in our Jira we have connected some Security tooling that gives an overview of found Vulnerabilities in the Issue.

I am struggling to work out how can i import this, my ultimate goal is to have a report of issues Resolved but Vulns still “Open”
i tried to find some sort of Custom field ID in dev tools but it doesnt seem to exist
in Jira i can use a JQL query for instance like
project in ("PROJ1, "PROJ2") AND statusCategory != Done AND vulnerability[status] = CLOSED ORDER BY due ASC, created DESC and get valid list of issues
i tried importing “Security” as measures and trying to use co-pilot to create a calculated measure like this for instance but it does not seem to work

NonZero(Count(
  Filter(
    Descendants([Issue].CurrentMember, [Issue].[Issue]),
    [Measures].[Issue labels] MATCHES ".*security-vulnerability.*" AND
    NOT IsEmpty([Measures].[Issue resolution date]) AND
    [Measures].[Vulnerability status] = "OPEN"
  )
))

is this possible ?
thanks
DC

ilze.mezite · November 4, 2024, 5:21am

Hi, @dc_ukws

Welcom to the eazyBI community!

We don’t support the integration with the Jira Security tool by default.

Please write us at support@eazybi.com; please add the JSON file of the issue that has the vulnerability linked.

To get the JSON file, please open an issue in Jira. Modify the URL of the issue replacing browse with rest/api/latest/issue and then add ?expand=changelog at the end of the URL. Save the JSON results of the issue as the file and send it to support@eazyBI.com.

Kindly,
Ilze