Michael Lubas, 2024-04-03
Jira is the industry leading project management tool used by security, engineering, and product teams. Today the Paraxial.io Jira integration is officially available. How does it work? Consider the following Paraxial.io finding:
The relevant function in source code:
The best way to fix this vulnerability is to change the raw SQL query into an Ecto query, which automatically protects against SQL injections. In many organizations this involves:
These metrics are often used by engineering leadership to monitor how much work is being completed, and see if current projects are blocked. Before the Paraxial.io Jira integration, it was not possible to see if a ticket had been created for a Paraxial.io finding.
You will be prompted to authenticate with your current Jira session.
You are then redirected back to the Paraxial.io finding, which now has a form to create a Jira ticket.
When the form is submitted the ticket is created, and associated with that finding. You may be wondering, what happens on the next mix paraxial.scan
run, where this same finding will occur again? Each Jira ticket is associated with a hash of the finding, meaning Paraxial.io knows that if this finding shows up in future scans, SEC-77
is the relevant ticket. This prevents accidental creation of duplicate tickets for the same Paraxial.io finding.
You can now track this work in Jira!
The Jira integration is currently live for all Paraxial.io customers. If you would like to start using Paraxial.io, please reach out today.
Paraxial.io stops data breaches by helping developers ship secure applications. Get a demo or start for free.
Subscribe to stay up to date on new posts.