Generating Tickets

Mayo ASPM uses a 3-step wizard to generate tickets from your findings. This ensures only actionable, well-formed tickets reach your issue tracker.

---

Prerequisites

• Jira connected with at least one project mapping configured
• At least one completed scan with findings
• Triage policies configured (recommended but not required)

---

The 3-step wizard

Step 1 — Select findings

Choose which findings to include in ticket generation:

1. Navigate to Findings or open a specific project.
2. Apply filters to narrow down findings:
   • Severity: Critical, High, Medium, Low
   • Status: Open, Triaged, Confirmed
   • Scanner: Filter by scanner type
   • Age: How long the finding has been open
3. Select findings individually or use Select All (respects current filters).
4. Click Generate Tickets.

Start with Critical and High

On your first ticket generation, filter to Critical and High severity only. This keeps the initial batch manageable and ensures your team addresses the most important issues first.

---

Step 2 — Configure grouping

Choose how findings are grouped into tickets:

Grouping strategy	Description	Best for
By vulnerability	One ticket per unique CVE or vulnerability ID	Dependency vulnerabilities
By file	One ticket per affected file	Code-level findings (SAST)
By package	One ticket per affected package	SCA findings
By asset	One ticket per repository or asset	Broad remediation efforts
Individual	One ticket per finding	Small batches, high-severity items

Example: "By vulnerability" grouping

CVE-2026-1234 found in:
  - package.json (lodash@4.17.20)
  - apps/api/package.json (lodash@4.17.19)
  - libs/common/package.json (lodash@4.17.20)

→ Generates 1 ticket covering all 3 occurrences

Info

You can preview the grouping result before proceeding. The wizard shows how many tickets will be generated and which findings each ticket will contain.

---

Step 3 — Review and confirm

The final step shows a preview of every ticket that will be created:

1. Review each ticket's title, description, severity, and assignee.
2. Edit any field directly in the preview if needed.
3. Remove individual tickets from the batch if they shouldn't be created.

4. Choose the delivery mode:

   • Push to Jira immediately — tickets are created in Jira right away
   • Save as drafts — tickets are saved in Mayo ASPM for further review before pushing

5. Click Generate.

---

Ticket preview fields

Each ticket preview shows:

Field	Source
Title	Auto-generated from finding type and identifier
Description	Includes finding details, affected locations, remediation steps, and a link back to Mayo ASPM
Severity / Priority	Mapped from finding severity using your field mapping configuration
Assignee	From ownership policy, project default, or manual selection
Labels	mayo-aspm, scanner name, severity
Jira Project	From your project mapping

---

After generation

Once tickets are generated:

• Each finding is linked to its ticket — visible in the finding detail view
• The Tickets tab shows all generated tickets with their Jira status
• Bi-directional sync begins tracking status changes

Viewing generated tickets

Navigate to Tickets in the left sidebar to see all tickets. Filter by:

• Status: Draft, Open, In Progress, Resolved, Stale
• Project: Filter by Mayo ASPM project
• Severity: Filter by ticket severity
• Date: When the ticket was generated

---

Re-generating tickets

If you need to update a ticket (e.g., new findings were added to the same vulnerability):

1. Open the ticket in Mayo ASPM.
2. Click Regenerate.
3. The ticket description is updated with the latest finding data.
4. A comment is added to the Jira issue noting the update.

Warning

Regeneration updates the description but does not overwrite manual edits to the Jira summary or other fields your team has modified.

---

Bulk generation via API

For automation workflows, you can generate tickets via the API:

curl -X POST https://mayoaspm.com/api/tickets/generate \
  -H "Authorization: Bearer mayo_ak_..." \
  -H "Content-Type: application/json" \
  -d '{
    "project_id": "proj_abc123",
    "filters": {
      "severity": ["critical", "high"],
      "status": ["triaged"]
    },
    "grouping": "by_vulnerability",
    "delivery": "push"
  }'

---

Best practices

1. Triage before ticketing — run findings through the triage funnel to eliminate noise.
2. Group thoughtfully — use "by vulnerability" for SCA and "by file" for SAST.
3. Start with drafts — review the first batch as drafts to calibrate quality before pushing.
4. Set ownership policies — automate assignee selection so developers get the right tickets.

---

Next steps

• Triage funnel — understand how OPA policies filter findings
• Connect Jira — set up your Jira integration