Maintain the security of your applications by automating issue tracking in Jira for critical vulnerabilities found in Snyk. This workflow template is designed to periodically scan your organization's Snyk projects for critical security issues. If a project has five or more critical issues, it verifies whether a Jira issue exists. If not, it creates one and attempts to assign it to the project owner. In cases where the Jira issue preexists, the workflow can either remind the owner or escalate the issue to their manager and document the action taken in Jira.
Trigger
Scheduled Event
Optional Triggers
Webhook,Slack,"Microsoft Teams"
Use Cases
Application Security Operations
Workflow Breakdown
Poll for the organization and all its projects in Snyk
Filter for projects that contain 5 or more Critical issues
Check to see if a Jira issue exists for the Snyk finding, if not open an issue attempt to assign to project owner
If Jira issue exists, ask to remind the owner or escalate to the owners manager
Update the Jira issue with the comments of reminders or escalation to the manager
Vendors
Slack, Utils, Microsoft Azure AD, Microsoft 365, Jira Cloud, Snyk
Workflow Output
Notifications via Slack
Tips
Modify the first set workflow variable step with the integration names for your tenant