Webhook Integration

Data Theorem supports integrating with customers via webhooks. The guide below will walk you through how to start receiving Data Theorem events via webhook.

The following Data Theorem events can be sent via the webhook integration:

Mobile Secure

  • When a finding note is created

  • When a finding note is deleted

  • When a new finding target is created

  • When a finding target is fixed

  • When a finding target is closed and marked “Risk Accepted”

  • When a finding target is closed and marked “Compensating Control”

API Secure, Web Secure, Cloud Secure

  • When a policy violation was opened.

  • When a policy violation was resolved

  • When a policy violation is closed and marked "Won't Fix“.

  • When a network service is discovered

Mobile Protect and API Protect

Mobile Protect and API Protect events can also be exported.

Setting up the Webhook Integration

Requirements

Step 1: Confirm Your Webhook Endpoint Is Configured Correctly

To confirm your webhook endpoint is configured correctly, run the command below and confirm that it succeeds.

If Your Webhook Endpoint Uses HTTP Bearer Token Authentication:

curl -k "https://<your webhook url>" \ -H "Authorization: Bearer <your bearer token>" \ -H "Content-Type: application/json" \ -d '{"event": "Hello, world!"}'

If Your Webhook Endpoint Uses URL Authentication or No Authentication:

curl -k "https://<your webhook url>" \ -H "Content-Type: application/json" \ -d '{"event": "Hello, world!"}'

Step 2: Enable Webhook Integration

You can configure webhooks directly in the DevSecOps section of the portal.

Events

The format of events to be sent via the webhook integration is available at https://docs.securetheorem.com/schema/webhook_schema.json and additional sample events are available at https://docs.securetheorem.com/webhooks/overview.html .

Example Event

{ "event": { "type": "API_SECURE__POLICY_VIOLATION_RESOLVED", "data": { "uuid": "924f1fb0-ebaa-4dfd-9297-390c0df18b44", "affected_asset": { "uuid": "ed1d9485-5672-4db0-81aa-f8e5c96ba750", "name": "gumtree.com.au", "portal_url": "https://dev-acheron.appspot.com/api/network-services/ed1d9485-5672-4db0-81aa-f8e5c96ba750", "date_created": "2020-07-23T08:18:30.450602+00:00", "discovered_via": "WEBSITE_CRAWLER", "url": "https://gumtree.com.au", "hosted_on": "UNKNOWN", "type": "NETWORK_SERVICE", "belongs_to_asset_group": { "name": "CA Business Unit", "uuid": "8cc7e379-1c9a-47df-aad1-a129afba337a" }, "cloud_console_url": null }, "policy_violation_status": "RESOLVED", "date_created": "2021-01-19T12:04:15.714371+00:00", "relevance": "IMPORTANT", "description": "The server leverages a certificate for SSL/TLS connections that will expire in less than the configured number of days.\\n\\nIf the SSL certificate is not renewed in time, clients including browsers and mobile applications will not allow\\nconnecting to the server, and will instead display an error to the end-user stating that the connection is not secure.", "recommendation": "Deploy a new SSL/TLS certificate on the affected server.", "additional_information": null, "portal_url": "https://dev-acheron.appspot.com/api/inspect/policy-violations/924f1fb0-ebaa-4dfd-9297-390c0df18b44", "policy_name": "Data Theorem", "policy_uuid": "17e0e14d-e6f1-4b35-a5c0-976dbbf41436", "policy_portal_url": "https://dev-acheron.appspot.com/api/policy/17e0e14d-e6f1-4b35-a5c0-976dbbf41436", "violated_policy_rule_uuid": "471284cb-e96a-49e0-a729-674cfe18f506", "violated_policy_rule_type_uuid": "5c3b1f37-8509-5c6e-abed-6ee9f3497c17", "exception_explanation": null, "exception_date_created": null }, "version": 1 }, "time": 1611733052, "host": "securetheorem.com" }

See Also