Issue Tracker Integration¶
SentriKat can automatically create issues in your project management tools when new vulnerabilities are detected, streamlining your remediation workflow.
New in v1.0.2
Issue tracker integrations were added in SentriKat v1.0.2.
PRO Feature
Issue tracker integration requires a PRO license.
Supported Platforms¶
| Platform | Issue Creation | Status Sync | Labels/Tags |
|---|---|---|---|
| Jira | |||
| GitHub Issues | |||
| GitLab Issues | |||
| YouTrack |
Configuration¶
Jira¶
- Go to Admin > Settings > Integrations > Jira
- Configure:
- Server URL: Your Jira instance URL (e.g.,
https://company.atlassian.net) - Email: Your Jira account email
- API Token: Generate at id.atlassian.com/manage-profile/security/api-tokens
- Project Key: The Jira project to create issues in (e.g.,
SEC) - Issue Type: Task, Bug, or Story (default: Task)
- Click Test Connection
- Save
GitHub Issues¶
- Go to Admin > Settings > Integrations > GitHub
- Configure:
- Repository: Owner/repo format (e.g.,
company/security-tracking) - Personal Access Token: Generate at github.com/settings/tokens with
reposcope - Click Test Connection
- Save
GitLab Issues¶
- Go to Admin > Settings > Integrations > GitLab
- Configure:
- GitLab URL: Your GitLab instance (e.g.,
https://gitlab.comor self-hosted) - Project ID: Numeric project ID from Settings > General
- Personal Access Token: Generate in User Settings > Access Tokens with
apiscope - Click Test Connection
- Save
YouTrack¶
- Go to Admin > Settings > Integrations > YouTrack
- Configure:
- Server URL: Your YouTrack instance URL
- Project ID: The YouTrack project short name
- Permanent Token: Generate in Profile > Account Security > Tokens
- Click Test Connection
- Save
Automatic Issue Creation¶
Configure rules for when issues are created automatically:
- Go to Admin > Settings > Integrations > Rules
- Create a rule:
- Trigger: New vulnerability match, status change, or due date approaching
- Severity Filter: Minimum severity to create issues (e.g., High and above)
- Platform: Which issue tracker to use
- Assignee: Auto-assign to a team member (optional)
- Labels: Tags to apply (e.g.,
security,kev,critical)
Example Rules¶
| Rule | Trigger | Severity | Platform |
|---|---|---|---|
| Critical KEVs | New match | Critical | Jira |
| All KEVs | New match | All | GitHub Issues |
| Overdue items | Due date passed | High+ | GitLab |
Issue Format¶
Created issues include:
- Title:
[KEV] CVE-2024-3400 — Palo Alto PAN-OS (Critical) - Description:
- CVE details and CVSS score
- Affected products in your inventory
- CISA due date
- Ransomware indicator
- EPSS score
- Remediation guidance
- Link back to SentriKat vulnerability detail
Status Sync¶
When you acknowledge or resolve a vulnerability in SentriKat, the linked issue is automatically updated:
| SentriKat Status | Issue Action |
|---|---|
| AFFECTED | Issue created (Open) |
| LIKELY RESOLVED | Comment added |
| RESOLVED | Issue closed with comment |
| Acknowledged | Comment added with acknowledgment note |
Manual Issue Creation¶
You can also create issues manually from any vulnerability:
- Go to Vulnerabilities > Select a vulnerability
- Click Create Issue
- Select the target platform
- Review and confirm
Troubleshooting¶
Issues Not Being Created¶
- Verify the integration is configured in Admin > Settings > Integrations
- Check the API token has the required permissions
- Verify the project/repository exists and is accessible
- Review logs:
docker compose logs sentrikat | grep issue_tracker
Authentication Errors¶
- Jira: Ensure you're using an API token, not your password
- GitHub: Token needs
reposcope for private repositories - GitLab: Token needs
apiscope - YouTrack: Use a permanent token, not a session token
Next Steps¶
- Alerts for email and webhook notifications
- SIEM Integration for SIEM forwarding
- Compliance Reports for regulatory reporting