Skip to main content

Azure Boards

Azure Boards Integration



Integrating Azure Boards in Conviso Platform will let developers gain productivity while we do all the hard work by automating the whole vulnerability management triage process.

New vulnerabilities identified in Conviso Platfom are created in real time directly in Azure Boards.

With our two-way integration capability, every status update from both solutions are automatically updated in order to reduce the toil and increase productivity.

Integration Capabilities

This integration enhances issue control management and vulnerability consolidation between systems. It facilitates seamless interaction and communication between various aspects of the process. The integration offers the following capabilities:

From Azure Boards to Conviso Platform:

  • Foster interaction by providing data from Azure Boards with the development team responsible for corrections in Vulnerability Management from Conviso Platform.

From Conviso Platform to Azure Boards:

  • Generates new issues in Azure Boards based on events within Conviso Platform's Vulnerability Management System, such as identified vulnerabilities or completed security assessments.
  • Establishes a linkage between vulnerabilities detected in Conviso Platform and their relevant issues in Azure Boards, enhancing traceability and collaborative efforts.
  • Updates Azure Boards issues when specific actions occur in Conviso Platform's Vulnerability Management System, such as changes in vulnerability status, assessment completions, or updates to risk levels.
  • Transitions Azure Boards issues to appropriate workflow stages when vulnerabilities are resolved or mitigated within Conviso Platform's Vulnerability Management System.


To set up the integration, you'll need the following information:

  1. Azure Boards's login
  2. Admin permission in the project you're integrating


To seamlessly integrate Conviso Platform with Azure Boards, follow these step-by-step procedures:

1 - Configure the integration between Conviso Platform and AzureBoards

2 - Synchronize vulnerability statuses between Conviso Platform and Azure Boards using Webhooks

3 - Check integration status

Configure the integration between Conviso Platform and Azure Boards

Follow the instructions below to complete the integration setup.

Step 1 - Go to Conviso Platform, look for the Integrations (1) on the left side menu, choose Defect Tracker (2) at the Categories panel to the right and finally click the Integrate (3) button just below Azure Boards's card, as illustrated in the example image below:


Step 2 Log in with your Azure account and authorize Conviso Platform to integrate with your Organization and Projects


Step 3 - Severity Mapping refers to Azure Boards's card priority. Select which severity will be referenced to Azure Boards's priority:


Step 4 - Enter your Organization Name(1), then click Continue(2), you can get it by following image 2


If you don't know your Organization Name, there's no problem, you can get it by logging in your Azure Boards's account, it shows in the page and in the url


Step 5 - Click the Add button the link an asset in Conviso Platform to a board in Azure Boards


Custom Configuration vs Default Configuration

At this point in the process, you have two options: Custom Configuration or Default Configuration.

With Custom Configuration, you can specifically link a Conviso Platform asset to a single Azure Boards board. On the other hand, Default Configuration enables you to link all available assets under Conviso Platform to a single Azure Boards board by default — providing a standard integration setup.

Note: In the event that you have both a custom configuration for a specific asset and a default configuration for the integration, the custom configuration will always take precedence over the default configuration.

a) Custom Configuration

Step 6 - Select the Conviso Platform Asset you want to associate with your Azure Boards Project, Teams, Boards, and finally Azure Boards Lane.


b) Default Configuration

Step 6 - Check the Default Configuration field, notice that the Asset label will is no longer available, select the Azure Boards Project, Boards, and Lane.


Step 7 - Consider the following in order to map Conviso Platform statuses to Azure Boards statuses: Identified status (1) is required to map the vulnerabilities from Conviso Platform to Azure Boards, while other fields (2) are optional. After mapping all the statuses, click on the Add button.


Synchronize vulnerability statuses between Conviso Platform and Azure Boards using Webhooks

Step 1 - Copy and save the WebHook URL, you're going to use it in Azure Boards for a future step


Step 2 - In the Project page, go for Project Settings, then to Service hooks(you'll only be able to get here if you're a project admin) , and then, click in the add icon



Step 3 - In the service hooks, choose the option Web Hooks


Step 4 - Select the Trigger(1) Work item updated, and select the Board Column option in the Field filter(2)


Step 5 - Paste your WebHook URL that you got from Conviso Platform


The integration with Azure Boards is done and every update in your boards will be updated in Conviso Platform as well

Check integration status

In Configuration page, click on the Check connection (1) button to verify if the authentication is working properly (2):



Should you have any questions or require assistance while using the Conviso Platform, feel free to contact our dedicated support team.


By exploring our comprehensive content, you’ll discover resources that will enhance your understanding of AppSec.

Conviso Blog: Access a wealth of informative videos covering various topics related to AppSec. Please note that the content is primarily in Portuguese.

Conviso's YouTube Channel: Engage with our informative podcast, where we discuss AppSec-related subjects, providing valuable insights and discussions. The podcast is conducted in Portuguese.

AppSec to Go - Conviso's Podcast on AppSec: Explore our blog, which offers a collection of articles and posts covering a wide range of AppSec topics. The content on the blog is primarily written in English.