/
ITSM Integration

ITSM Integration

ITSM software, also known as Information Technology Service Management software, focuses on management of internal and external IT support.

The following CI/CD integrations are made via our Jenkins Plugins, and requires absolutely zero coding experience—the only limit is your own imagination:

Jira Integration

In Team Reviewer/Cloud Reviewer, JIRA integration is bidirectional. You may push findings to JIRA and share comments. If an issue is closed in JIRA it will automatically be closed in Team Reviewer/Cloud Reviewer.

 On a product's settings page you will need to define a:

·        Project Key (and this project must exist in JIRA)

·        JIRA Configuration (select the JIRA configuration that you create in the steps below)

·        Component (can be left blank)

Then elect (via tickbox) whether you want to 'Push all issues', 'Enable engagement Epic mapping' and/or 'Push notes'. Then click on 'Submit'.

If creating a Finding, ensure to tick 'Push to jira' if desired.

Enabling the Webhook

  1. Visit https://<YOUR JIRA URL>/plugins/servlet/webhooks

  1. Click 'Create a Webhook'

  1. For the field labeled 'URL' enter: https://<YOUR DOMAIN>/webhook/

  1. Under 'Comments' enable 'Created'. Under Issue enable 'Updated'.

Configurations in Team Reviewer/Cloud Reviewer

  1. Navigate to the System Settings from the menu on the left side or by directly visiting <your url>/system_settings.

  1. Enable 'Enable JIRA integration' and click submit.

Adding JIRA to Team Reviewer/Cloud Reviewer

  1. Click 'JIRA' from the left-hand menu.

  1. Select 'Add Configuration' from the drop-down.

  1. If you use Jira Cloud, you will need to generate an API token for Jira to use as the password

  1. To obtain the 'open status key' and 'closed status key' visit https://<YOUR JIRA URL>/rest/api/latest/issue/<ANY VALID ISSUE KEY>/transitions?expand=transitions.fields

  1. The 'id' for 'Todo' should be filled in as the 'open status key'

  1. The 'id' for 'Done' should be filled in as the 'closed status key'

To obtain 'epic name id': If you have admin access to JIRA:

  1. visit: https://<YOUR JIRA URL>/secure/admin/ViewCustomFields.jspa

  1. Click on the cog next to 'Epic Name' and select view.

  1. The numeric value for 'epic name id' will be displayed in the URL

  1. Note: Is it used the same celery functionality as reports. Make sure the celery runner is setup correctly.

Or

  1. login to JIRA

  1. visit https://yourjiraurl/rest/api/2/field and use control+F or grep to search for 'Epic Name' it should look something like this:

{ “id”:“customfield_122”, “key”:“customfield_122”, “name”:“Epic Name”, “custom”:true, “orderable”:true, “navigable”:true, “searchable”:true, “clauseNames”:“cf[122]”, “Epic Name”], “schema”:{“type”:“string”,“custom”:“com.pyxis.greenhopper.jira:gh-epic-label”,“customId”:122} }

In the above example 122 is the number needed.

Engagement Epic Mapping

If creating an Engagement, ensure to tick ‘Enable engagement epic mapping’ if desired. This can also be done after engagement creation on the edit engagement page. This will create an ‘Epic’ type issue within Jira. All findings in the engagement pushed to Jira will have a link to this Epic issue. If Epic Mapping was enabled after associated findings have already been pushed to Jira, simply pushing them again will link the Jira issue to the Epic issue.

Pushing findings

Findings can be pushed to JIRA in a number of ways:

  1. When importing scanner reports, select ‘Push to JIRA’ to push every single finding in the report to Jira

  1. When creating a new finding, select ‘Push to JIRA’ and submit. This will create the finding in Cloud Reviewer and Jira simultaneously

  1. If a finding already exists, visit the edit finding page and find the ‘Push to JIRA’ tick box at the bottom

  1. When viewing a list of findings, select each relevant tick boxes to the left of the finding, and click the ‘Bulk Edit’ button at the top. find ‘Push to JIRA’ at the bottom of the menu

Status Sync

Cloud Reviewer will try to keep the status in sync with the status in JIRA using the Close and Reopen transition IDs configured for each JIRA instance. This will only work if your workflow in JIRA allows the Close transition to be performed from every status a JIRA issue can be in.

Natural Language

Using our Embedded MCP Server, we provide a Natural Language Interaction on which also Jira Tasks can be involved.

COPYRIGHT (C) 2015-2025 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.