Skip to main content

Bidirectional sync with Jira (Northstar)

Northstar integrates with Jira to streamline security workflows for both Security Operations and AppSec teams. The integration automatically creates Jira tickets for security events—Incidents and Issues—routes them to the right projects, and enriches them with technical context like source IPs, request URLs, vulnerability type, and severity.

This integration eliminates manual per-application setup through group-based routing. Administrators can map Jira projects and issue types to resource groups, so any newly onboarded application inherits the correct routing rules automatically.

Key benefits

  • Automate routing: Security events reach the correct Jira project without manual intervention, including for new applications via groups.

  • Contextual enrichment: Tickets include technical observables (source IPs, URLs, vulnerability type, severity, Contrast Risk Score) to expedite triage.

  • Synchronized resolution: Closing a Jira ticket automatically updates the corresponding incident or vulnerability status.

  • Centralized communication: Comments sync between platforms, so investigation history stays unified.

  • Single-pane workflow: SOC and AppSec teams manage the complete lifecycle—triage, remediation, closure—without leaving Jira.

  • Scale without overhead: Group-based configuration means onboarding hundreds of applications requires zero additional routing setup.

Trigger types

The integration supports two trigger types. Each can be configured independently, with separate routing rules, Jira projects, and issue type mappings.

Incidents

When Contrast detects a security incident (for example, an attack or exploit attempt), the integration opens a Jira ticket in the configured project. Tickets are enriched with:

  • Source IP addresses and request URLs

  • Incident type and severity level

  • Direct link back to the incident in Contrast

Issues

When Contrast detects a new vulnerability, the integration can automatically open a Jira issue (like a Bug or Task). Vulnerability tickets are enriched with:

  • Vulnerability Type (for example: SQL Injection, Cross-Site Scripting)

  • Severity rating

  • Contrast Risk Score (0.0–10.0), mapped to the corresponding Jira priority or severity field

  • Direct link to the finding in Contrast

Risk score to Jira priority mapping

The default mapping between Contrast Risk Scores and Jira priorities is shown below. This mapping is configurable per routing rule.

Contrast Risk Score

Contrast Severity

Default Jira Priority

8.0-10.0

Critical

Highest

6.0-7.9

High

High

4.0-5.9

Medium

Medium

2.0-3.9

Low

Low

0.0-1.9

Note

Lowest

Group-based routing

Administrators can configure Jira routing at the resource group level, rather than per individual application. This is the recommended approach for large organizations or teams that onboard applications frequently.

How it works

  • Select a Resource Group as the routing source for a rule, instead of a single application

  • Map Applications to specific Jira projects and Issue Types

  • Any application subsequently onboarded to a mapped group automatically inherits the routing rule—no further configuration required

  • Create multiple configurations for different Applications or Jira projects

Note

Group-based rules are additive. You can mix both approaches in the same Jira connection.

Bidirectional sync

The integration keeps status and comments synchronized between Jira and Northstar in both directions, for both Incidents and Issues.

Status sync

Event type

Jira transition

Contrast result

Incident

Done / Closed

Incident resolved in Contrast

Issue

Done / Closed

Vulnerability marked Remediated or Closed in Contrast

Comment sync

  • Comments added to a Jira issue sync back to the corresponding Incident or Vulnerability activity feed in Contrast

  • Comments deleted in Jira are also removed from Contrast

  • This gives both SOC analysts and developers a complete, unified investigation record without switching tools

Configuration

Before you begin

Ensure you have:

  • A Jira account with API token access

  • Administrator access in Northstar

  • One or more Jira projects to route tickets into

Set up Jira credentials

  1. For Northstar, in the left navigation, select AdministrationIntegrations.

  2. Select the Jira option under the Integrations section.

  3. Under the Manage Credentials tab, enter:

    1. Credential name: for use in Northstar

    2. Jira URL: Provide the URL for your Jira instance

    3. Email: email address associated with the Jira account

    4. API token: API token for the Jira account

  4. Select Test connection to test the connection. The test may take a few moments if you have many Jira projects. The test confirms that Contrast can reach the specific Jira instance, and the user can log in.

  5. Save the connection.

Add a Configuration

  1. Open the Jira integration and go to the Configuration tab.

  2. Complete the required fields:

    1. Configuration name

    2. Jira credential to help identify the ticket to connect

    3. Applications to activate Jira tickets for security issues

    4. Jira project to which the ticket is connected

    5. Default issue type

  3. Complete optional fields as needed:

    • Ticket Title Prefix

    • Default Epic

    • Default Assignee

    • Additional Fields: Select additional fields and values to send to Jira, such as Labels. (Not all Jira fields are supported).

  4. Enable Bi-Directional Flow (optional) to sync Jira issues with Northstar automatically. This requires your Jira admin to configure a provided Webhook URL.

  5. Select the Northstar issue and/or incident severities you want Jira issues to be created from.

  6. Select Save.

Note

When enabling the integration, Northstar will not automatically create Jira items for existing issues and/or incidents. The integration will only create Jira items for NEW issues and/or incidents.

Metrics and instrumentation

The integration tracks the following metrics automatically and is accessible within the Contrast platform.

Metric

Description

Ticket volume

Number of Jira tickets created per trigger type (Incident / Vulnerability), broken down by tenant/organization

Mean Time to Remediate (MTTR)

Time elapsed from Jira ticket creation to ticket closure or Done transition. Enables teams to track remediation velocity over time.

In this section: