Ticketing and Issue Tracking
The Veracode integrations for ticketing and issue-tracking systems enable you to automatically create tickets and merge them into defect backlogs.
The tickets contain information about the production-level and sandbox vulnerabilities identified during Veracode application security scans. These tickets are then managed like all application bugs or defects and are automatically given a severity, assigned to developers, and prioritized.
Veracode APIs and integrations require access to specific Region Domains, depending on the region for your Veracode account. Contact your IT team to ensure the correct domains for your region are on the allowlist for your organization. Also, ensure that there is one-way communication on port 443 to the domain for the REST APIs. Refer to the complete list of domains and IP addresses to add to your allowlist.
To learn more about these integrations and interact with other users, visit the Community forum.
Veracode integrates with the following ticketing and issue-tracking systems:
Asana
To import and manage findings in Asana with an extension, see Crashtest Security Suite.
Integration type: Community
Azure DevOps
To import and manage findings in Azure DevOps with an extension, see Azure DevOps Extension.
Integration type: Veracode-Authored
Bugzilla
To import and manage findings in Bugzilla with the Java API Wrapper, see Bugzilla.
Integration type: Veracode-Authored
DefectDojo
To import Dynamic Analysis vulnerabilities from Crashtest and manage them in DefectDojo, see Crashtest Security Suite.
Integration type: Community
Jira
Select from the following integrations:
- Veracode Integration for Jira to import and manage findings with a plugin.
- Crashtest Security Suite to import and manage Dynamic Analysis vulnerabilities from Crashtest.
Integration type: Veracode-Authored
Jira Cloud
Select from the following integrations:
- Veracode Integration for Jira Cloud to import and manage findings with a plugin.
- Crashtest Security Suite to import and manage Dynamic Analysis vulnerabilities from Crashtest.
- SCA Agent to create issues for SCA vulnerabilities in the Veracode Platform.
Integration type: Veracode-Authored