Skip to content

Jira Integration

Automatically create Jira issues when critical CVEs match your assets.

Prerequisites

  • Jira Cloud or Jira Server (Data Center)
  • A Jira API token (not your password)
  • A project key where issues will be created (e.g. OT, SEC, ICS)

Generate a Jira API Token

  1. Go to id.atlassian.com/manage-profile/security/api-tokens
  2. Click Create API token
  3. Name it "BreachSpider Integration"
  4. Copy the token

Configure in BreachSpider

  1. Navigate to Integrations > Ticketing
  2. Click Add Rule
  3. Set trigger: environment, event type, severity floor
  4. Select destination type: Jira
  5. Fill in:
  6. Jira URL (e.g. https://yourorg.atlassian.net)
  7. Project Key (e.g. OT)
  8. Issue Type (default: Bug)
  9. Account Email
  10. API Token
  11. Click Test Connection
  12. Click Save Rule

Via API

import requests

api_key = "bs_live_your_key_here"
headers = {
    "Authorization": f"Bearer {api_key}",
    "Content-Type": "application/json"
}

rule = {
    "name": "Critical CVE to OT Jira",
    "environment_id": 5,
    "trigger_event": "cve.critical",
    "severity_floor": 9.0,
    "destination_type": "jira",
    "jira_url": "https://yourorg.atlassian.net",
    "jira_project_key": "OT",
    "jira_issue_type": "Bug",
    "jira_email": "[email protected]",
    "jira_api_token": "your-jira-api-token"
}

response = requests.post(
    "https://breachspider.com/api/v1/integrations/ticket-rules",
    headers=headers,
    json=rule
)

Jira Issue Format

BreachSpider creates issues with this structure:

Summary: [BreachSpider] CVE-2025-32433 - Critical RCE in Erlang/OTP (CVSS 10.0)

Description:
BreachSpider has detected a critical vulnerability affecting your environment.

CVE: CVE-2025-32433
BSID: BS-2025-254014-C
CVSS Score: 10.0 (CRITICAL)
BCS Score: 10.0
EPSS Percentile: Top 5%
KEV Flagged: Yes
Exploit Maturity: POC
Patch Available: Yes

Affected Assets:
- SCADA Middleware Server (Water Treatment Plant Alpha)

SAGE Analysis:
Critical pre-auth RCE in Erlang/OTP SSH server...

Remediation:
Upgrade to OTP-27.3.3, OTP-26.2.5.11, or OTP-25.3.2.20

References:
- BreachSpider: https://breachspider.com/ics-cve/CVE-2025-32433
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32433