Streamline Mondoo Case Management with Jira

In today's fast-paced digital landscape, efficient case management is crucial for organizations to stay on top of security and compliance issues. Mondoo, a leading platform for continuous security and compliance assessment, has simplified how businesses can handle these critical aspects. However, to maximize its potential, integrating Mondoo with a robust project management tool like Atlassian Jira can streamline workflows and boost productivity. This article explores the seamless integration of Mondoo with Jira, a popular issue tracking and project management software. We will gain insights into Mondoo's case management capabilities, learn how to set up the Jira integration, and understand the workflow from Mondoo findings to Jira tickets. By the end, we’ll have a clear grasp of how this integration can enhance organizational security and compliance processes, making processes more efficient and effective.

Understanding Mondoo Case Management

What are Mondoo Cases?

Mondoo cases are the foundation of effective security and compliance management. They represent findings from continuous assessments of an organization's infrastructure. Mondoo continuously discovers and updates a full inventory of all assets in environments, providing structured data that allows teams to make informed decisions about upcoming changes and evaluate the impact of security findings. This comprehensive approach helps avoid blind spots in the infrastructure.

Benefits of Case Management With Jira

The integration of Mondoo cases with Jira issues creates a powerful workflow for managing security and compliance tasks and offers several key benefits:

• Real-world prioritization: By enriching infrastructure data with risk factors, contextual information, asset relationships, and security and compliance findings, Mondoo enables teams to prioritize effectively. This approach helps organizations focus on changes that have the greatest impact on infrastructure security, rather than chasing trivial alerts or implementing one-off fixes.
• Customizable security policies: Mondoo's security findings are built on a continuously discovered inventory of all systems and their relationships in the environment. Teams have complete control over security policies, allowing for tailored assessments that align with specific organizational needs.
• Case Information: The Jira issues that Mondoo creates from cases include all the details necessary for infrastructure owners to remediate findings, even if they don't have access to Mondoo.
• Visibility and collaboration: By linking Mondoo cases to Jira issues, teams gain full visibility into the status of security and compliance tasks. This facilitates collaboration between security, compliance, and development teams, leading to faster resolution of issues.

Configuring Jira Integration

Setting Up API Access

To begin the integration process, users need to set up API access for Jira. This involves creating an API token, which serves as a secure method of authentication. To create an API token from your Atlassian account follow these steps:

• Log in to https://id.atlassian.com/manage-profile/security/api-tokens.
• Click Create API token.
• Enter a memorable Label for your token and click Create.
• Save the token preferably in a secure password manager like 1Password

Connecting Mondoo to Jira

To connect Mondoo with Jira, we simply have to navigate to the space where we want to set up cases and, in the side navigation bar, select Cases or configure Jira by adding it as an Integration. To establish the connection, we need to provide Mondoo with specific details about our Jira instance:

• Jira Host: The domain for our Jira instance, which looks like this: https://your-workspace.atlassian.net
• Email Address: The email we will use to log into the Jira instance.
• API Token: The API token to access the Jira account.
• Automatic Case Closing: Mondoo offers the option of automatically closing Jira tickets after closing Mondoo Cases.

Workflow: From Mondoo Findings to Jira Tickets

Identifying Issues in Mondoo

Mondoo's comprehensive approach to security and compliance management begins with continuous assessment of an organization's infrastructure. The platform discovers and updates a full inventory of all assets in environments, providing structured data that allows teams to make informed decisions about upcoming changes and evaluate the impact of security findings.

Note that in order to continuously assess the organization's infrastructure, the integrations must be added through the UI or using Terraform and the corresponding policies must be enabled.

Creating Cases

When Mondoo identifies security or compliance issues, we can create cases that represent these findings. These cases are enriched with risk factors, contextual information, asset relationships, and security and compliance data. Mondoo offers two ways of creating cases: Advisories and Checks.

Only team members with Editor or Owner access can perform this task.

Create Cases from Advisories

1. In the Mondoo Console, we go to a space where we set up the Jira integration.
2. Under Vulnerabilities, we select Advisories.

3. Then we choose an advisory to track with a case and Jira issue.

4. We select CREATE CASE and Selected Assets to view affected assets.

5. We can select one or more assets to track in one case (and Jira issue). For separate tracking, we create individual cases.

6. In the dialog box, we choose a Jira project, edit issue details if needed, and click CREATE CASE. Mondoo creates a case in the space and a Jira issue in the selected project!

Create Cases from Checks

1. Similar to the advisories, we navigate to a space where we set up the Jira integration.
2. Under Security, we select Checks.

3. We then choose a check to track with a case and Jira issue.

4. We click CREATE CASE and Selected Assets to view failing assets.
5. We can select any asset to track. This creates one case for all chosen assets.

6. In the dialog, we pick a Jira project, edit the issue details, and click CREATE CASE. Mondoo will also create a new case in the space and a Jira issue in the selected project.

Now we can use cases to track the work of fixing failed checks in our existing workflow. When a Mondoo space has the cases feature configured, any team member can create a case from a check. Creating a case creates a new a Jira issue directly from the Mondoo Console.

Closing Cases

If the issue is solved, the case can be closed. For this, we navigate to the Cases tab and select the case we want to close. Closed cases cannot be reopened from Mondoo.

Note that if you close the issue in Jira, the corresponding case in Mondoo will not be closed as well.

To close Jira issues from Mondoo, the Jira board needs to have a “Done” status.

Conclusion

The integration of Mondoo with Jira has a significant impact on streamlining case management for security and compliance issues. By linking Mondoo's continuous assessment capabilities with Jira's robust project management features, organizations can boost their productivity and enhance collaboration between teams. This connection enables automatic ticket generation, customizable workflows, and efficient prioritization of security and compliance tasks.

To wrap up, the Mondoo-Jira integration offers a simple yet powerful solution to handle security and compliance challenges in today's fast-paced digital environment. It allows teams to focus on changes that matter most, automate compliance processes, and maintain a comprehensive view of their infrastructure. By leveraging this integration, companies can strengthen their security posture, streamline their workflows, and stay ahead in the ever-changing landscape of digital security and compliance.

If you want to learn more about Mondoo’s powerful security capabilities, check out our blogs at infralovers.com/blog!