Sending Dash Compliance Events To JIRA
Dash allows teams to extend compliance by connecting Dash compliance events into JIRA and other task management solutions. Dash customers can send compliance events into JIRA and manage Dash compliance tasks alongside their ordinary security and DevOps workflows.
What Will You Need?
- Dash ComplyOps v1.9.0 or greater – See how to update to latest version of Dash
- About 10 minutes of time
Instructions
- In Dash ComplyOps, navigate to the Action Center.
- The page should look like this:
3. Before continuing, ensure that you have a JIRA board configured that you would like to send Dash issues to. You may consider the following when connecting Dash to JIRA:
- Dash will automatically send issues to the Backlog of the JIRA board you define.
- Dash issues can be sent to both Scrum and Kanban based JIRA boards.
- You may consider sending Compliance Issues and Policy Activities to the same JIRA board or separate boards depending on how your team will manage tasks.
- Compliance Issues – Will send compliance issues from the Dash Compliance Center to the assigned JIRA board when they are created.
Note: This integration currently supports “Classic JIRA Projects” and does not currently support “Next-Gen JIRA Projects”
3. Under Outputs click “Configure JIRA”
4. Scroll down to the Jira Integration Section and click “Add Jira Application Link”
3. You will then be prompted to enter in the following:
- JIRA Host – This is the URL or address of your JIRA application, for example dash.atlassian.net.
- JIRA User Email – This is the email Dash will use to authenticate the connection with JIRA. Ensure that this user email has access to the JIRA board(s) you will be connecting Dash with.
- JIRA API Key – This is the API Key associated with the JIRA account and authentication. You can click the “Create API Key” button to generate an API Key for this field.
4. To create a JIRA API Key, click the “Create API Key” link.
You will see a screen similar to this:
5. Click the Create API token button.
6. Enter in a Label name and click the Create button.
7. Copy your API token by clicking the Copy button.
8. Paste the API token into the JIRA API Key field in Dash. Complete all fields, and then click Validate Connection.
9. You will now see options to “Create Compliance Issues”.
Enable this switch. Once this option is enabled, select the JIRA board(s) you would like to send the Dash issues to. If you create a new JIRA board, you may need to refresh the webpage to see the new board in the options.
JIRA Options:
Create Compliance Issues – Enable/disable sending of newly created/rediscovered Compliance Center issues to JIRA.
Create SecurityHub Issues – Enable/disable sending of newly created/rediscovered SecurityHub connected Compliance Center issues to JIRA. (This may create many JIRA cards)
Select JIRA Board for Compliance Issues – Select a JIRA board to send Issues to (Currently only Classic JIRA projects are supported. Next-gen Projects are not currently supported)
Send Sample Issue – Test the JIRA connection by clicking this button. A single JIRA cards should be created in the selected JIRA board.
Send All Issues – For teams that have many previous compliance center issues they would like to send to JIRA. This button can be used to send All current issues and cards over to the JIRA board.
Just as a reminder:
Compliance Issues will send compliance issues from the Dash Compliance Center to the assigned JIRA board when:
- A new Dash Compliance Center issue is discovered/created
- A resolved Dash Compliance Center issue is rediscovered by Dash
Viewing Dash Compliance Issues In JIRA
1. After connecting your JIRA service and enabling creation of Dash Compliance Issues and/or Policy Issues, future issues will be created as cards on the defined JIRA boards. (You may not see issues until scans find new compliance issues)
2. To view Dash Issues in JIRA – Login to JIRA – Navigate to the defined JIRA Board
3. Dash will create a JIRA Issue (Card) in the board Backlog for each Dash compliance issue as it occurs. You can view these issues in Scrum and Kanban JIRA boards.
For Compliance Issues:
Compliance Issues from Dash, such as issues around networking, encryption, and backup issues show up as issues in your JIRA Backlog. We can see this our Backlog section of our Kanban board or on the Backlog Page of our Scrum Board.
You can click on individual Compliance Issue to view additional context and navigate to issues in Dash ComplyOps. Each Compliance issue will have nested subtasks for each issue object affected by the issue.
In this way your team can track and manage issues with multiple affected resources/objects.
Your team can manage Compliance Issues in your JIRA workflow, similar to any other issues. When future Compliance issues are created in the Dash Compliance Center, they will be added to the Backlog for the defined JIRA board.