Implement webhooks
This topic describes how to implement webhooks so CEM can send alerts to third-party software such as Security Orchestration, Automation, and Response (SOAR), authorization systems, and DevOps pipelines.
Before you begin
Make sure that:
-
You are a CEM administrator.
-
You know the webhook URL (endpoint) to the third-party software. This endpoint must support HTTP POST requests.
Configure a webhook
Step 1: Add the webhook details
You can add a webhook integration to third-party systems to perform an automated response or to alert stakeholders to a new finding.
To add a webhook
-
Go to Setup > Integrations > Webhook and click the plus to add a new webhook.
-
Enter the following details:
Item
Description
Webhook URL
Enter the webhook URL of the application to send CEM data.
Secret key (Optional)
Add an extra layer of security by attaching a secret to the webhook. Each time the webhook is sent, it is identified with this secret.
-
Click the Send token to URL button.
This sends a request for a token to the webhook URL.
-
Enter the Cloud Entitlements Manager token that you retrieved.
For example:
- Click the Validate token.
Step 2: Select the webhook format
You can choose from one of the following webhook formats:
|
Format |
Description |
|---|---|
|
Default |
The default CEM format can support all platforms; however, some of your applications may require format adjustments to be consumed. |
|
Slack compatible |
If you want to integrate with Slack, select this format. |
