loader image
Webhooks Integration

Cloudnosys provides the facility to get delivery of alerts on your custom apps (Slack, Webhooks) in a matter of minutes and without a single line of code. Now, you can integrate your custom apps to Cloudnosys and get notified of the security risks and alerts in your cloud infrastructure so your team is always up to date with security and compliance posture. The alerts are triggered in a definite interval of time.

How to enable Webhooks Integration #

Do you want to see alerts on your own platform? Webhooks has you covered.

Just add your hook and instantly start receiving notifications on your own platform. Webhooks use a POST request and accept content in application/JSON format.

  1. Go to the Integration settings screen and click on the Authorize button in the Webhooks section.

    Webhooks
  2. Enter your Webhooks URL and Authentication Token (optional) and then click on the Save button.

    Configure webhooks Integration

  3. You’re now ready to get Cloudnosys Notifications on Webhooks.

Response #

KeyTypeDescription
createdAtDateTime the risk alert was created
createdByStringCreated by, only one value is available for risks i.e. “system”
descriptionStringDescription of the risk detected e.g. “MFA not enabled for XYZ IAM User”
organizationObjectOrganization object
organization.idStringID of the organization
organization.nameStringName of the organization
riskObjectRisk object which has all details related to the risk detected and on which resource
risk.categoryStringCategory of the risk e.g. Authentications, OS Vulnerabilities, Lateral Movement, IAM Misconfigurations, Neglected Assets, Vulnerabilities
risk.cloudAccountObjectCloud Account object
risk.cloudAccount.idStringCloud Account ID, generated by Cloudnosys
risk.cloudAccount.nameStringName of the cloud account as defined by the user
risk.cloudAccount.providerStringCloud provider e.g. AWS, Azure, GCP
risk.regionStringRegion of the risk detected as provided by Cloud
risk.serviceStringService this resource belongs to e.g. S3, EC2:Instance, RDS, etc.
risk.lastSeenDateTimestamp this risk was found the last time (last it was checked)
risk.firstSeenDateTimestamp this risk was found the first time
risk.severityStringSeverity of the risk detected e.g. Critical, High, Medium, Low
risk.signatureStringSignature that detected this risk e.g. AWS:S3-001
risk.statusStringStatus of the risk e.g. pass, fail
risk.resourceObjectResource object which has all information related to the cloud resource the risk was detected on
risk.resource.idStringResource ID, unique to Cloudnosys platform
risk.resource.nameStringResource name as identified in the cloud
risk.resource.tagsArrayTags attached to the resource on the cloud provider’s platform
risk.vpcStringVPC this risk was detected on
scanIdNumberID of the scan which tested and found this risk
typeStringtype will always be “risk”
urlStringDirect URL to view this risk on Cloudnosys platform

Sample Response Body

JSON representation
{
    “createdAt”: September 20, 2022 at 11:33:52 AM UTC+5,
    “createdBy”: “system”,
    “description”: “EBS volume encryption is not enabled or configured”
    “organization”: {
        “id”: “sample_organization_wxyz7”,
        “name”: “Sample Organization”
    }
    “risk”: {
        “category”: “Security”,
        “cloudAccount”: {
            “id”: “DMRNALJRKVYQg8P2XZxka”,
            “name”: “Sample Cloud Account”,
            “provider”: “AWS”
        },
        “region”: “us-east-1”,
        “service”: “EC2:Volume”,
        “lastSeen”: September 20, 2022 at 11:33:52 AM UTC+5,
        “firstSeen”: September 10, 2022 at 11:33:52 AM UTC+5,
        “severity”: “high”,
        “status”: “fail”,
        “resource”: {
            “id”: “vol-0cb664480d1334e98”,
            “name”: “Client Server”,
            “tags”: [
                “tag1”,
                “tag2”,
               “tag3”,
           ]
        },
        “vpc”: “vpc-01234567890abcdef”,
    }
    “scanId”: 1234567890123,
    “type”: “risk”,
    “url”: “?d=true&org=sample_organization_wxyz7&filters=[{“type”:”cloudAccounts”,”value”[DMRNALJRKVYQg8P2XZxka]},{type:”signatureName”,value:[AWS:EBS-001]}]&drawerType=”signatureDrawer””,
}

FAQs #

Q: What is third-party API Integration?

Third-party API Integration is a type of integration that permits you to develop custom applications that can connect directly with your third-party software. This enables you to add features or improve upon business processes.

Q: Why Should I integrate my app with Cloudnosys?

Cloudnosys saves your time and reduces the threats to your cloud environment by allowing you to integrate third-party apps with Cloudnosys. This allows you to get notifications for all high-security risks and alerts in your cloud infrastructure. It removes the hassle of checking your dashboard every time for risks and also keeps your team updated with all the security postures.

Was this page helpful?