Skip to main content

Ticketing and Issue Tracking

The Veracode integrations for ticketing and issue-tracking systems enable you to automatically create tickets and merge them into defect backlogs.

The tickets contain information about the production-level and sandbox vulnerabilities identified during Veracode application security scans. These tickets are then managed like all application bugs or defects and are automatically given a severity, assigned to developers, and prioritized.

note

Veracode APIs and integrations require access to specific Region Domains, depending on the region for your Veracode account. Contact your IT team to ensure the correct domains for your region are on the allowlist for your organization. Also, ensure that there is one-way communication on port 443 to the domain for the REST APIs. Refer to the complete list of domains and IP addresses to add to your allowlist.

To learn more about these integrations and interact with other users, visit the Community forum.

Veracode integrates with the following ticketing and issue-tracking systems:

Asana

To import and manage findings in Asana with an extension, see Crashtest Security Suite.

Integration type: Community

Azure DevOps

To import and manage findings in Azure DevOps with an extension, see Azure DevOps Extension.

Integration type: Veracode-Authored

Bugzilla

To import and manage findings in Bugzilla with the Java API Wrapper, see Bugzilla.

Integration type: Veracode-Authored

DefectDojo

To import Dynamic Analysis vulnerabilities from Crashtest and manage them in DefectDojo, see Crashtest Security Suite.

Integration type: Community

Jira

Select from the following integrations:

Integration type: Veracode-Authored

Jira Cloud

Select from the following integrations:

Integration type: Veracode-Authored