Skip to main content

Overview

ZeroPath integrates with Jira Cloud to push security findings as Jira issues and sync status changes back. When a Jira issue is resolved, the corresponding ZeroPath finding is automatically marked as resolved.

Setup

Both methods register a webhook in your Jira instance for bidirectional sync.

Manual Issue Export

From any finding in the ZeroPath dashboard:
  1. Click “Export to Jira” on the issue detail view.
  2. Select a Jira project, issue type (Bug, Story, Task, etc.), and optionally an epic and assignee.
  3. ZeroPath creates the Jira issue with full vulnerability details — title, description, affected file, severity, CVSS score, CWEs, code snippet, and patch link if available.
The Jira issue key is linked to the ZeroPath finding for bidirectional tracking.

Automatic Ticketing

Configure automatic issue creation for new findings:
  1. Go to Settings → Integrations → Jira → Auto-Ticketing.
  2. Set a score threshold — only findings above this score create Jira tickets.
  3. Choose which scan types trigger tickets (Full Scan, PR Scan, SCA, etc.).
  4. Select the Jira project and issue type.
  5. Optionally configure auto-assignment, custom templates, and scope (all repos, specific repos, or repos matching specific tags).

Custom Templates

Auto-ticketing supports customizable title and description templates with variables:
  • {{severity}}, {{issueTitle}}, {{repositoryName}}, {{affectedFile}}, {{vulnClass}}, and more.
  • Custom Jira fields can be mapped to ZeroPath finding data or static values.

Bidirectional Sync

When a Jira issue’s status changes to Done, Resolved, Closed, or Completed, ZeroPath automatically:
  • Marks the corresponding finding as Resolved
  • Records who made the change and when
  • Logs the state transition in the finding’s audit trail
This sync is powered by a webhook registered in your Jira instance during setup.
Jira Cloud webhooks expire after 30 days. If sync stops working, reconnect the integration from Settings → Integrations to refresh the webhook.

Troubleshooting

Ensure the integration is connected in Settings → Integrations.
Check if the Jira webhook has expired (30-day limit). Reconnect the integration to refresh it. Also verify the Jira issue key matches a ZeroPath finding (the link is created during export).
Check that the selected project and issue type exist in your Jira instance. Ensure required Jira fields are configured in the auto-ticketing settings.