Last Updated: 2024-01-10
Purpose
This article is dedicated to providing a technical perspective on Webhook integration, highlighting its crucial role in enhancing asset monitoring within organizational settings.
Introduction
Webhook Integration enables Outscan to send real-time event-driven data to external systems as HTTP requests. This facilitates instant notification when specific events occur—such as new findings, alerts, or status changes—allowing connected systems (for example, SIEMs, dashboards, automation workflows) to react immediately. Key parameters include defining the endpoint URL, HTTP method (POST/GET/PUT), authentication (None, Basic, OAuth), custom headers, retry intervals, and certificate configuration (including support for self-signed certs). Proper configuration ensures reliability, security, and flexibility in propagating Outscan events to external targets.
Description
Webhooks are a mechanism for enabling real-time communication between web applications. They allow one application to send automated, event-driven information to another application in the form of HTTP requests. Webhooks are typically used to notify or trigger actions in response to specific events or updates.
Here's an overview of what a Webhook is and what Webhook integration can do:
-
Real-time Event Notification: Webhooks provide a way for applications to instantly notify other systems about events or updates. For instance, when a security event is detected, such as an attempted intrusion or a malware outbreak, a webhook can be employed to immediately notify the incident response team, triggering real-time investigation and mitigation efforts.
-
Automation and Integration: Webhook integration allows organizations to automate processes by connecting different software applications and services. This integration streamlines workflows, reducing manual effort and minimizing the risk of errors. For instance, a security information and event management (SIEM) system can use a webhook to automatically enrich security event data with threat intelligence feeds, enhancing its ability to correlate and analyze potential threats in real-time.
-
Customization and Flexibility: Webhooks are highly customizable. Organizations can define which events trigger webhooks and how they respond to those events. This flexibility enables tailored solutions for various use cases, such as sending notifications, updating databases, or executing specific tasks.
-
Versatile Communication: Webhooks can be used for various types of communication, including data synchronization, status updates, or triggering actions. This versatility allows organizations to create dynamic, event-driven interactions between different systems.
-
Real-time Analytics and Monitoring: With Webhook integration, organizations can set up real-time analytics and monitoring systems. For example, a monitoring tool can receive webhooks from various servers and services, enabling immediate detection of issues or anomalies.
-
Improved User Experience: Webhooks can enhance the user experience by providing timely updates and notifications. For instance, a messaging application can use webhooks to deliver instant notifications of new messages or updates.
-
Ecosystem Connectivity: Webhooks facilitate connectivity within an ecosystem of applications and services. They enable third-party developers to extend the functionality of an application by integrating it with other tools and platforms through webhooks.
-
Event-driven Actions: Webhook integration allows organizations to trigger specific actions based on external events. For example, a network security system can automatically isolate a compromised device from the network as soon as it receives a webhook notification indicating suspicious or malicious activity detected by an intrusion detection system (IDS).
In summary, Webhooks are a powerful tool for real-time communication and automation in the digital landscape. Webhook integration empowers organizations to create dynamic, event-driven workflows, improve efficiency, and enhance user experiences by connecting and automating processes across various applications and services.
Add Webhook Integration
To add a new integration, follow these steps:
-
Click on the green
-
Select the desired integration configuration type from the drop-down menu.
-
Fill in the necessary parameters. See Webhook fields overview.
-
Click Add to finish creating the Webhook integration.
Webhook Fields Overview
|
Option |
Description |
|---|---|
|
Integration |
The selected integration type determines the available fields, which vary based on the chosen integration. |
|
Name* |
Descriptive name of the integration. |
|
URL* |
Represents the web address where Webhook data is sent when specific events occur, facilitating communication between systems or applications. |
|
Retry Interval |
Time duration between consecutive retry attempts that the system makes when there are difficulties in delivering Webhook payloads to the designated endpoint, influencing the timing of retry operations to optimize delivery reliability. Expressed in seconds. |
|
HTTP Method |
HTTP protocol method (e.g., POST, GET, PUT) used for sending Webhook payloads to the specified endpoint, determining the action to be performed when communicating with the remote host. When left empty it defaults to POST method. |
|
HTTP Headers |
Additional information or metadata provided within the HTTP request that accompanies Webhook payloads, conveying details about the data being transmitted and facilitating proper communication and processing between sender and recipient system. |
|
Password* |
Confidential authentication key or secret used in combination with the Username to verify the sender's identity when making HTTP requests to the Webhook endpoint. |
|
Upload certificate |
Digital security credential, often self-signed, that is used to establish a secure and trusted connection between the sender and the recipient of Webhook data, ensuring data integrity and confidentiality during transmission. |
|
Content Sample |
Represents a content sample of Webhook data is used to verify the Webhook integration works. |
Edit Webhook Integration
To configure the authentication method or upload a certificate for a host that employs a self-signed certificate, you must edit the created integration and provide additional details.
Authentication Types
None
When the None authentication type is chosen for a selected webhook integration, it is possible to upload a self-signed certificate, which must be in PEM format.
Basic
Similar to the None integration, this authentication method allows for uploading of a self-signed certificate in PEM format. Additionally, two more fields are present:
-
Username: The credential used in the Basic authentication context when communicating with the configured host.
-
Password: The corresponding password for the provided username in the Basic authentication context.
Webhook Integration OAuth
For information, see Webhook Integration with OAuth v2 document.
Related Articles
- 2FA on User Accounts
- Accepting a Risk
- Account
- Agent Assessment
- Agent Call Home
- Agent Installation Introduction
- Agent Introduction
- Agent Latest Version
- API Examples
- Asset Discovery
- Assets
- Authenticated Network Scan
- Automatic Asset Joining With Netsec
- Basic Credentials
- Certificates
- Change Instance Type on HIAB on Amazon Web Services
- Check Connectivity to Agent Server
- Checking if Agent is Running
- Checking if the Agent has Produced Results
- Checking Schedules from OUTSCAN in Agent
- Column Configuration
- Common Settings Panel
- Configuring and Accessing the HIAB console using SSH
- Container Inspection - Azure
- Converting Normal with Webapp Scans (Netsec) to Portal Workflows
- CyberArk Integration
- Delinea Integration
- Delta
- Discovering the Agent in OUTSCAN
- Discovery Scan Configuration
- Discussions and Commenting
- DNS Lookup in UI and in Console
- Download Agents
- Event Notification - Integration
- Event Notification - Use Cases
- Filters
- Finding the Agent Version
- Firewall Rules
- Firewall Setup for Agents
- General Information about SMB/WinRM Scanning
- Generate Reports
- Getting Started with the Portal
- Hardening the HIAB
- HIAB Backup
- HIAB Console
- HIAB Deployment Guide
- HIAB Distribution Settings
- HIAB E-mail Whitelisting
- HIAB Enrollment
- HIAB Maintenance Settings
- HIAB Remote SSH Guide
- HIAB Remote Support
- HIAB Restore
- HIAB Server Settings
- HIAB Setup Guide
- HIAB Updates
- Identity and Access Management (IAM)
- Importing Tags for AWS Discovery
- Installing a Linux Agent
- Installing a macOS Agent
- Installing a Windows Agent
- Integration Management
- Integrations
- Licensing Consumption
- Log In Using LDAP
- Log In Using Single Sign-On (SSO)
- Logging in to the Portal
- Managing Agents
- Managing Tags
- Marking as False Positives
- Network Discovery
- Network Host Assessment
- Notification Settings
- Notifications
- Object Identifiers
- PGP on User Accounts
- Portal Icon List
- Portal Integration with ServiceNow Incidents
- Ports
- Products
- Products Database
- Read Agent Scan Result
- Removing an Agent from Linux
- Removing an Agent from Windows
- Report Library
- Reports
- Resource Group Management
- REST API Interface Technical Document
- Retrieving a REST API Token From XMLAPI
- Retrieving Results From the Agent in OUTSCAN
- Retrieving the Agent UUID
- Role Management
- Scan Assessment Configuration
- Scan Blueprint
- Scan Configuration Settings
- Scan Credentials
- Scan Policies
- Scan Scheduling Errors
- Scan Stages
- Scanning Range
- Scans View
- Scheduled Reports
- Schedules
- Services
- Setting Up an Agent Using System Proxy
- SMB Credentials
- SNMP Integration
- Solutions
- SSH Credentials
- Subscriptions Overview
- Supported Browsers
- Syslog Integration
- Tags
- Technical Specification
- Troubleshooting checklists
- Understanding Scanner and Scheduler
- Updating the Agent
- User Management
- Using the Agent Info Command
- View Templates
- Virtual HIAB Appliance
- VMware vSphere Credentials
- Vulnerabilities
- Vulnerability Database
- Webhook Integration
- Webhook Integration with JIRA
- Webhook Integration with Microsoft Teams
- Webhook Integration with OAuth v2
- Workflows
- XML API Interface Technical Document