Using Bug Tracking Systems to Help Manage Security Vulnerabilities

Developers fixing software defects often use a bug tracking system to help manage their workload. Security vulnerabilities are a type of bug, and getting vulnerability information into the bug tracking system helps developers take appropriate remediation measures, in line with other development activities. The result is more security awareness and faster remediation of security issues.

From Software Security Center, you can map to any of several bug tracking systems, so that your development team can file bugs into the bug tracking system you already use.

When a developer files a bug, Software Security Center populates bug tickets with the following basic vulnerability information:

• Details that describe the type of issue uncovered
• Remediation guidance, with instructions on the action to take
• A link back to Software Security Center for complete issue details