
CodeSonar SAST Atlassian JIRA Integration

SAST when Safety and Security Matter


GrammaTech provides SAST and SCA security testing products. Our SAST product, CodeSonar, is the favorite when code safety and security are important. CodeSonar integrates with Jira via the CodeSonar for Jira plugin. The plugin lets CodeSonar and JIRA users automatically create JIRA tickets from CodeSonar warnings, update JIRA tickets through the CodeSonar hub, and update CodeSonar warnings from within JIRA. The plugin consists of two components: one for the CodeSonar Hub, and one for a JIRA server instance.




Automatic JIRA Issue Creation

A common use case for the CodeSonar for Jira integration is to open a new issue in JIRA that is linked to an existing CodeSonar warning. This is done by navigating to the details page of the warning and creating a JIRA issue, which establishes a relationship between Jira and CodeSonar.


SAST Warning Management in JIRA

Once a JIRA issue is created from a warning, it is fully manageable from within JIRA. Changes in state are reflected back in the CodeSonar hub.

The Priorities and States of CodeSonar warnings can be customized to map to the desired Jira Priority and workflow states.


Shift Left Security in Your DevOps Pipeline with SAST and SCA

SAST and SCA tools improve security awareness by exposing vulnerabilities in existing code, third-party software and newly developed code.

Integrating testing for security and quality issues into the existing DevOps workflow via the JIRA integration leads to increased developer ownership of eliminating these issues. As these teams gain experience with this workflow, they can help expand the use of best practices throughout the organization. CodeSonar and CodeSentry are ideal for facilitating this Shift Left transition. In addition, the feedback to developers and management is crucial both in improving security and in improving the end-to-end software development process.


Book A Demonstration

The best way to try a SAST solution is to run it on your own codebase and review the warnings it issues. Book a demo and learn how GrammaTech technology can rapidly improve your software development capability.