Smart SOAR Integration

SOAR and ticketing systems like Jira have some similarities (both take in queues of incidents and assign them to personnel for response), but their capabilities and the ways they are used are largely distinct. D3 integrates with Jira Service Management so that teams can use D3’s automation and orchestration to resolve requests (Jira’s term for tickets) with security implications. Conversely, D3 users can generate requests in Jira when a security incident requires action from another team, such as IT.

Jira Integration

Integration Features

Escalate Jira requests to D3 for automation-powered investigation and response
Create Jira requests from D3 to schedule IT-related security tasks
View lists of Jira requests broken down by request type
Orchestrate response across an unlimited number of integrated tools

Key Use Cases

#1: Ticket Escalation

Service management tools like Jira aren’t the best way to handle security incidents, but nevertheless they are often used as a stopgap solution for security. They can also be effective as a queue for multiple teams, with the SOC team being just one of many. Unfortunately, this legacy solution is not suited to modern cyber attacks and does not take advantage of the possibilities for better security offered by SOAR.

To enable stronger security processes without completely reconfiguring their IT infrastructure, Jira users can escalate requests to incident status in D3 when the request requires investigation by the SOC team. D3 can ingest request information, including the assignee, description, priority, and comments, which might include threat intelligence that was added in Jira. An analyst can review the incident in D3 and trigger the appropriate playbook.

While preserving existing IT and SOC workflows, this integration gives SOC teams the ability to give high-risk incidents the investigation they deserve. Conducting incident response in D3 SOAR, instead of Jira, adds the benefits of D3’s automation-powered playbooks, MITRE ATT&CK intelligence correlations, and security orchestration to every incident. D3 can also enrich the incident with additional threat intelligence, reputation lookups, and other valuable data via its 500+ other integrations.

#2: Inter-Team Orchestration

Depending on how an organization is set up, both in terms of personnel and technology, certain security tasks must be carried out by the IT team. Ideally the SOC team could use their SOAR platform to orchestrate tasks via integrated tools, but in reality, orchestration might also require communication between teams to carry out security workflows. To collaborate quickly enough to keep up with the pace of security incidents, organizations need tools that increase efficiency.

In organizations where the IT team uses Jira and the SOC team uses D3, D3 can create requests in Jira to assign IT-related security tasks. These might include blocking an IP, quarantining an endpoint, scheduling a patch, or scheduling a vulnerability scan. The D3 user can set the fields they wish to populate in the Jira ticket, such as the ticket number, priority, IP address, endpoint info, and the assigned user or team.

By linking your service management and SOAR solutions, your IT and SOC teams can collaborate while working in the tool they are comfortable with. SOC teams can place requests directly into the IT team’s queue, instead of sending a request by email and hoping for a response. The result is faster coordinated actions across the organization that avoid the common pitfalls of miscommunication.

Meet Our Friends

Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.
