Chariot allows you to connect with Jira. With this workflow set up, Chariot can directly send risk alerts to Jira to remove steps between discovery and remediation!

From Chariot's Attack Surface landing page, click on the account icon in the top right. Then click on Organization Settings from the drop down.

On the Organization Settings page, you will see the Push Notifications section. Click on Add Push Notification.

This will bring up the available push notification integrations. Click on the Jira tile.

Clicking on the Jira tile will show you all of the information needed for Chariot to complete the integration. Keep these in mind as we set move to Jira for integration setup.

In Jira

To find the Base URL, you can log into your instance of Jira and check the URL in the address bar of your browser. Chariot, shows the example, "https://<your-domain>.atlasian.net." Copy out the URL (without additional path information like .../jira) and add that to the Base URL section in Chariot.

The User Email field will take the email of the user that created the API token in Jira. To find this in Jira, click on the account icon at the top right. Here you can view and copy the email that that will go in the User Email field. You can also click Manage Account to navigate to the API token creation page.

 

After clicking on Manage account you can click Security from the Atlassian Account page. 

On the Security page, click on Create and manage API tokens. (Instead of navigating, you can use this link to get to the API token page https://id.atlassian.com/manage/api-tokens.)

To create an API token click on Create API token.

 

 

From the dialog that appears, enter a memorable and concise Label for your token and click Create.

Click Copy to clipboard, then paste the token to Chariot's Access Token field, or elsewhere to save:

New API token that you can view and copy to clipboard. Warning to securely record the API token


Note: For security reasons it isn't possible to view the token after closing the creation dialog; if necessary, create a new token. You should store the token securely, just as for any password.

More on Atlassian API tokens can be found here.

To find your project key, from Jira click on the Projects tab and then on View all projects.

On the Projects page you will see all of your projects and their respective key in the second column. Copy the key for the project that will receive Chariot notifications. Copy this value into the Project Key section in the Jira Chariot setup dialog.

For Issue Type, you can chose the type that best works for your Jira project. As this is specific to your own Jira project, you can learn about what works best for your own setup here. Once the appropriate issue type is defined, enter it into Chariot. 

Severity will determine the minimum risk severity to be sent from Chariot to Jira. If you want all risks at a medium or higher severity to be sent to Jira, select Medium.

Once you have filled out the Base URL, User Email, Access Token, Project Key, Issue Type, and Severity, click Save. Now, open risks at or above the severity you chose, will be sent to your Jira project.

We hope these instructions were helpful! If you find a topic that you would like discussed in detail, or need further assistance, please let us know at support@praetorian.com!