You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, we need to manually track vulnerabilities or issues in Azure DevOps after identifying them in DefectDojo. This manual process is error-prone, time-consuming, and disrupts workflows, especially in organizations heavily using Azure DevOps for project management and development.
As a security engineer, I want DefectDojo to integrate with Azure DevOps Boards so that I can automatically create work items in Azure DevOps Boards for tracked findings.
The integration should allow:
1. Mapping of DefectDojo findings to specific Azure DevOps projects and boards. 2. Synchronization of updates between Azure DevOps work items and DefectDojo findings (e.g., status updates). 3. Configurable rules to determine which findings are pushed to Azure DevOps (e.g., severity thresholds). 4. Support for OAuth or PAT-based authentication for Azure DevOps API.
Additional context
Integration could leverage the Azure DevOps REST API for creating and managing work items.
Similar functionality already exists for JIRA integration in DefectDojo, which can serve as a reference.
A possible feature addition for the v3 release could be a generic template for issue-tracking tool integrations, making future extensions easier.
This integration would enhance DefectDojo's appeal for teams using Azure DevOps, streamlining workflows and reducing manual effort.
The text was updated successfully, but these errors were encountered:
Currently, we need to manually track vulnerabilities or issues in Azure DevOps after identifying them in DefectDojo. This manual process is error-prone, time-consuming, and disrupts workflows, especially in organizations heavily using Azure DevOps for project management and development.
As a security engineer, I want DefectDojo to integrate with Azure DevOps Boards so that I can automatically create work items in Azure DevOps Boards for tracked findings.
The integration should allow:
1. Mapping of DefectDojo findings to specific Azure DevOps projects and boards.
2. Synchronization of updates between Azure DevOps work items and DefectDojo findings (e.g., status updates).
3. Configurable rules to determine which findings are pushed to Azure DevOps (e.g., severity thresholds).
4. Support for OAuth or PAT-based authentication for Azure DevOps API.
Additional context
This integration would enhance DefectDojo's appeal for teams using Azure DevOps, streamlining workflows and reducing manual effort.
The text was updated successfully, but these errors were encountered: