About Bug Tracker Integration
Fortify Software Security Center enables your team to submit bugs to your bug tracking system from Fortify Software Security Center during issue auditing. Fortify Software Security Center supports integration with the following bug tracking systems:
-
Bugzilla
Note: Integration with the Bugzilla bug tracker plugin requires that you enable XML-RPC in Bugzilla. For instructions, see https://www.bugzilla.org/docs/4.4/en/html/api/Bugzilla/WebService/Server/XMLRPC.html
- Jira
-
Jira Cloud
Note: If you use Jira Cloud, you must use your Jira authentication token in the Password field at login.
- ALM
-
Azure DevOps Server
Important! The Repro Steps field in Azure DevOps, which displays Fortify bug descriptions, is hidden by default for issue work items. If you use Azure DevOps 2019.1 or later version, and you use the Basic process, you must customize Issue work items to see the Repro Steps field.
Important! If you use Azure DevOps, you must use a personal access token generated from Azure DevOps in the Password field at login. For information about Azure DevOps personal access tokens, see https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows.
Note: If your organization uses a bug tracking system other than those that Fortify supplies, you can author a new plugin for that system. For instructions, see Authoring Bug Tracker Plugins.
For information about how to set up and use bug tracking systems to manage the security vulnerabilities for your application versions, see Using Bug Tracking Systems to Help Manage Security Vulnerabilities.