new threadfix user - y threadfix

[Eugene T]

Hi All,

I'm a threadfix n00b. I'm a current user of ZAP, Burp paid, Nexpose paid, Vega, and several others in my linux distro.

Looking at using threadfix as the default reporting for several web properties each with it's own set of resources in QA, Dev, managers, etc...

I'm currently looking to setup threadfix as a proof of concept intgrated with Burp, ZAP, (nexpose would be nice), along with JIRA, Jenkins, and Sellenium. Goal is to show an actual start to finish from auto/manual scan to reporting to tickets. 

Intended use is for a seamless dashboard for management and reporting, a way for QA to utilize ZAP/Burp (in manual and automated fashions) and have the results post in threadfix with consolidated tickets in Jira for Devs to fix.

Post POC, will look for a support package from DenimGroup for even deeper integration and troubleshooting.

I hope I can contribute to the forum with lessons learned along my journey.

Thanks. 

Eugene T

Information Security & Compliance