Implement webhooks

This topic describes how to implement webhooks so CEM can send alerts to third-party software such as Security Orchestration, Automation, and Response (SOAR), authorization systems, and DevOps pipelines.

Before you begin

Make sure that:

  • You are a CEM administrator.

  • You know the webhook URL (endpoint) to the third-party software. This endpoint must support HTTP POST requests.

Configure a webhook

Step 1: Add the webhook details

You can add a webhook integration to third-party systems to perform an automated response or to alert stakeholders to a new finding.

To add a webhook

  1. Go to Setup > Integrations > Webhook and click the plus to add a new webhook.

  2. Enter the following details:



    Webhook URL

    Enter the webhook URL of the application to send CEM data.

    Secret key (Optional)

    Add an extra layer of security by attaching a secret to the webhook. Each time the webhook is sent, it is identified with this secret.

  3. Click the Send token to URL button.

    This sends a request for a token to the webhook URL.

  4. Enter the Cloud Entitlements Manager token that you retrieved.

    For example:

  5. Click the Validate token.

Step 2: Select the webhook format

You can choose from one of the following webhook formats:




The default CEM format can support all platforms; however, some of your applications may require format adjustments to be consumed.

Slack compatible

If you want to integrate with Slack, select this format.