Manage Targets

Azure Boards

Integrating Azure Boards with ZeroThreat helps you manage security vulnerabilities directly within your existing development workflow. You can assign issues to specific team members, and track vulnerability remediation through your regular sprint planning and backlog processes.

Whether you're running scans on demand or through a CI/CD pipeline, this integration ensures every confirmed vulnerability gets visibility within your Azure DevOps environment.

Prerequisites

Before you begin, make sure:

  • Your target application is verified in ZeroThreat.
  • You have an Azure DevOps account with access to the correct organization, project, and Boards.
  • Admin Consent is enabled in Entra ID: Your Azure tenant should have admin consent settings configured to allow and approve third-party app integrations like ZeroThreat.
  • You’re either the Azure admin or have the ability to request app authorization.
  • Your target is associated with a Professional Plan or any other plan that supports Issue Tracking integrations in ZeroThreat.

Step 1: Connect ZeroThreat to Azure Boards

  1. Navigate to the Targets ()section in ZeroThreat.
  2. Click on the "Continuous Integration" button () for your desired target and navigate to
  3. In the configuration drawer, click on the Issue Tracking () section.
  4. Locate Azure Boards and click the "Authorize" button.
Thumbnail

  1. You’ll be redirected to the Azure login page.
  • If this is your first time integrating with Azure Boards, a request for app approval will be sent to your Azure admin.
Thumbnail

  • Once the request is approved by your Azure Administrator, you’ll be be redirected back to your ZeroThreat dashboard.
Thumbnail

Step 2: Create Azure Boards Issues from a Scan Report

Once Azure Boards is connected:

  1. Go to the Scans () section in ZeroThreat.
  2. Open any completed scan report.
  3. Click the "AzureBoards Task" button at the top of the report.
Thumbnail

This will open a configuration popup to define how and where the issues should be created in Azure Boards.

Step 3: Configure Azure Issue Settings

In the Azure Board popup:

  • Select the Azure Member who will be assigned the issue.
  • Choose your Azure Organization and the relevant Project.
Thumbnail

Once selected, click Submit. ZeroThreat will connect and fetch available options based on your Azure DevOps permissions.

Step 4: Create Issues for Vulnerability

  1. A new drawer will open showing a list of all vulnerabilities in the scan report.
  2. Browse through the list and select the specific vulnerability you want to create as task in Azure Boards. Click Create Issue.
Thumbnail

All issues are immediately pushed to Azure Boards and can be tracked from either platform.

Step 5: View and Track Issues in Azure Boards

  1. Go to Created Issues in ZeroThreat to see all Azure Issues generated for that scan.
Thumbnail

  1. Click on any issue to open it directly in Azure Boards.
  2. Inside each Azure Issue is:
    • A detailed description of the vulnerability
    • HTTP request and response headers
    • Evidence (such as parameters, payloads, or proof of concept)
    • A link back to the full scan report in ZeroThreat
Thumbnail

It is important that you don't remove the two labels ZeroThreatAI and ZT-MB64TIIZ7253 (ZT-id). These two labels are used to enable bi-directional sync between ZeroThreat Portal and Azure Boards, removing them will result in the sync to stop.

Step 6: Bi-directional Comment Sync

ZeroThreat supports bi-directional comment syncing with Azure Boards, so you can manage collaboration across teams without switching platforms:

  • Leave comments in Azure Boards issue and they will automatically appear in the respective vulnerabilty entry in ZeroThreat.
  • Add comments from within ZeroThreat they will be synced back to Azure Boards.
Thumbnail

This ensures both security and engineering teams stay aligned on context and progress.

Step 7: Monitor Issue Status in ZeroThreat

To view the current status of the issues created, open the scan report where you initially generated the Azure Boards Issue. Click on the button () once again and select the same project you used earlier. This will display the latest details for each ticket, including its priority, the assigned team member, and the current status such as To Do, In Progress, or Done just as you would see directly in Azure Boards.

Thumbnail

This offers a security-first view of how your vulnerabilities are progressing through remediation.

Best Practices

  • Focus on creating Azure issues only for verified, and high-impact vulnerabilities to avoid noise.
  • Try aligning scan schedules with sprint cycles for improved remediation planning.

You're all set with Azure Boards.
Head over to our guide on Reviewing Scan Reports to learn and analyze different sections of the scan report.