The Remediation > Integrations interface allows you to configure third-party ticketing integrations. Currently DeepSurface supports a direct integration with Atlassian Jira and a generic "Ticketing via Email". To configure either, click the new integration button in the top right to get started.
To configure DeepSurface to work with Atlassian Jira, you must have the following things prepared:
If you have all of those things ready to go, select the "Atlassian Jira" option from the dropdown and fill out the form. The form is filled out in 2 steps, give this integration a friendly name to remember it by and then enter the url of your organization. If your team uses a cloud-hosted Jira installation, the URL will typically resemble: https://YOUR-COMPANY.atlassian.net/. Proceed to enter the username and API key for the given user and once all fields are completed, you will see a button appear that you can click to fetch the projects. Once clicked, DeepSurface will attempt to call the Jira API and return a list of available projects within your Jira organization. If all information was entered correctly, you should then be able to choose a project from the now visible select field. At this point, your Jira integration is fully configured and you will be able to export tickets from remediation, however we encourage you to optionally now map the DeepSurface users to the Jira users that are part of the integration we just finished configuring. If you choose to, click "Save and Map Users" to be taken to the user mapping interface. Here you will see all of the DeepSurface users in one column, and an empty column on the right for the user they are mapped to. For each DeepSurface user, you can search for a Jira user and select one to map the given user to. Once mapped, DeepSurface can then know who to assign a ticket to as it exports tasks and creates tickets for Jira users. Mappings can be edited or removed at anytime from this interface or from the Setup > Authentication > Users area by clicking on a user and updating a given user on a one-by-one basis.
If you do not use Jira in your organization, you may want to instead handle ticketing via a centralized email address. DeepSurface plans to support many third party ticketing options in the future, but many either do not have an API or are not on our current roadmap. For this reason, you can configure a ticketing integration that simply sends all tickets to one centralized email address. Configuring this type of integration is very straightforward, simply give this integration a memorable name, fill in the destination email address, and then optionally edit the subject prefix that will be present in the emails that DeepSurface sends out. Important note in order for DeepSurface to send emails, the system must be have SMTP settings correctly configured in the Setup > General Settings > SMTP Settings section.
Below you can see what the main ticketing section would look like if you have a correctly configured Jira and Email integration.
Once at least one ticketing integration has been configured, you will now be able to export remediation tasks as tickets. Before returning, to a remediation plan, however, we are going to look at how you can set an export preference on a per user basis, so that when you go to export a remediation plan, each task can be pre-populated with each preference, making the export process much more straightforward and seemless.
For DeepSurface to work with Tanium, you need your Hostname/Server
and a Secret
.
Hostname/Server refers to the GraphQL API endpoint provided by Tanium. This needs to be provided by some Tanium representative. It will most likely be similar to the Tanium's Dashboard url.
To get a valid secret, an API-Token needs to be generate. To do this, follow these steps:
secret
field in DeepSurface, and save the configuration.One powerful feature that DeepSurface offers is the ability to set an export preference for each user in the DeepSurface system. That way, when you go to export tasks from rememdiation, DeepSurface will look at the owner of each task and pre-fill the export destination for each task based on what that owner's export preference is. This can also be updated, removed, or overridden at any time in the process. Once you have at least one properly configured ticketing integration, head to the Setup > Authentication > Users area of the application and edit an existing user that you would like to setup an export preference for. You will notice a field in the left column of the user form called "Preferred Ticketing Integration". This field defaults to "Email me Directly" if left in its default state, any exported tickets for this user (unless overridden during the export process) will go to this user directly, to this user's email address. Of course, if no email address is configured for this user, that will not be possible and one will have to be entered when exporting.
The other options for setting an export preference depend on what ticketing integrations have been configured already. All properly configured integrations will appear as options in the dropdown and you are free to select any that you like for this user. If a "Ticketing via Email" integration is selected, then no further input is needed and the interface will simply display the destination email that tickets will be sent to. If an "Atlassian Jira" integration is selected, then you will have the choice to optionally search for and map this user to a user that exists within the chosen Jira integration.
If you choose to map a user, then the externally mapped user will display on the row for this user in the main Setup > Authentication > Users section.
Now that preferences have been set for each user, the export process (covered in the next section) will be much smoother.