Skip to main content
Skip table of contents

Configure Mend for Jira Cloud

Overview

The Mend Integration for Jira Cloud allows you to manage how security findings are reported and mapped between the Mend AppSec Platform and your Jira projects. You can onboard multiple Mend organizations and configure how issues are created across them, all from a single Jira Cloud integration. This provides a unified experience, eliminating the need to manage separate plugin instances for each organization.

Getting it done

Manage your Mend Organizations and Mappings

  1. After onboarding your Mend Organization(s), you’ll be navigated to the Organizations page where you can manage your connected Mend organizations and configure the mappings of each one.

image-20250504-231232.png
  1. Clicking on a connected organization opens a pop-up window with three configuration sections:

    1. Overview — Provides a summary of the connected Mend organization. It includes key integration details such as organization UUID, connection status, mode (e.g., Create Issue), timestamps for integration and updates, and the user who last modified the settings. This is your central reference for the integration status and setup metadata.

      image-20250409-002255.png
    2. Mapping — Allows you to define how Mend applications and projects are linked to Jira Cloud projects. By default, all items map to a single Jira project, but you can add specific exceptions using the "Add Mapping" option. This ensures issues are created in the right context for each project or application. Click Save to activate the selected mappings.

      image-20250409-002401.png
    3. Labels — Enables the configuration of Jira labels for issues created through the Mend integration. Labels can include Mend attributes, free-text values, or existing Jira labels. When labels are defined at both the integration and project levels, they are automatically merged into a single consolidated list.

      image-20250825-125929.png
    4. Advanced Settings — Includes advanced configuration actions. Here, you can switch the integration mode (e.g., to Jira Security Dashboard), update the activation key to re-integrate with Mend, or remove the organization entirely from the Jira Cloud plugin.

      image-20250409-002220.png

Note: Alternatively, you can click the three-dot menu (⋮) on the right side of the organization entry. This opens a contextual menu where you can access additional actions, such as editing the mappings, updating the activation key, or removing the organization.

image-20250409-001634.png

Work Item Type Mapping

You can customize the Work Item Type fields Mend uses to create issues by adding, editing, or deleting mappings of Mend attributes to existing Jira fields for a selected issue type within a Jira project.

The supported work item types to configure are:

  • [Default] Mend Types (Dependencies, Code, Containers)

  • Task

  • Sub-Task

  • Story

  • Bug

  • Epic

  1. Navigate to the “Work Item Type Mapping” tab, where you will see your Jira projects, their default Work Item Type, the number of Mend organizations linked to this Jira project, and the last updated date of this configuration.

  2. To customize the Work Item Type, click on the Jira project name or the pencil button.

image-20250825-124915.png
  1. The default Work Item Type is “Mend Types”, but you can select each supported type from the list.

image-20250825-130019.png
  1. When selecting a Work Item Type, you can configure the field values and use Mend attributes for the supported field types.

image-20250825-125847.png
  1. Click Save to apply the changes for all future Jira issues created through the integration.

Notes:

  • Changes to a work item type will apply to all tickets that will be created for this Jira project.

  • Mend Work Item Types are pre-configured and cannot be customized.

  • Jira field types with pre-defined options, such as Dropdown, Multiple Selection, or List, aren’t supported for customization with Mend attributes.

  • Mend doesn’t support work item types with mandatory fields that cannot be set via the integration.

Supported Attributes List

Attribute Name

Format

Example Value(s)

Org Name

Plain text

Mend

Application Name

Plain text

Online Storefront

Project Name

Plain text

frontend-ui

Org UUID

Value, Key:Value

3e4-54rff-546-654654, org_uuid: 3e4-54rff-546-654654

App UUID

Value, Key:Value

app_uuid: ab12-34cd-56ef

Project UUID

Value, Key:Value

project_uuid: xy98-76zy-12wx

Severity

Plain text

High, Medium, Low

Violating

Value, Key:Value (Boolean)

true, Violating: true

Fix Available

Value, Key:Value (Boolean)

true, Fix available: true

Reachable

Value, Key:Value (Boolean)

true, Reachable: true

Exploitable

Valu, Key:Value (Boolean)

true, Exploitable: true

Malicious

Value, Key:Value (Boolean)

true, Malicious: true

Scan Engine

Plain text

Dependencies (SCA), Code (SAST), Containers

Created By

Contextual text

Manual: john.doe@mend.io, Workflow: Auto Remediation

Onboard Mend Organizations

The Mend Integration for Jira Cloud supports connecting and managing multiple Mend organizations from a single Jira Cloud plugin. This provides a unified view and experience, enabling you to manage issue creation across various Mend organizations without switching between separate plugin instances.

Follow these steps to enable and configure the multi-org view within the Jira Cloud plugin:

  1. After installing the Mend Integration for Jira Cloud, as described here, you’ll see the following screen:

    image-20250408-161614.png
  2. On the Add an Organization page, add your activation key from the installation step into the Mend Platform Activation Key section.

  3. Select which Vulnerability Notification Preference you prefer:

    1. Create Issues: Using a pre-defined workflow from your organization in the Mend Platform, automatically create Jira issues for findings that meet the conditions of the workflow, or create issues manually.

    2. Jira Security Dashboard (beta) - SCA Only: Monitor your Jira projects with a centralized view of security issues and risks across your organization.

  4. Assign your Default Jira Cloud Project to where the issues will be created (Relevant only to “create issues” mode).

  5. Click on Add Organization to activate the Mend for Jira Cloud plugin.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.