Cloudnosys provides the facility to get delivery of alerts on your custom apps (Slack, Webhooks) in a matter of minutes and without a single line of code. Now, you can integrate your custom apps to Cloudnosys and get notified of the security risks and alerts in your cloud infrastructure so your team is always up to date with security and compliance posture. The alerts are triggered in a definite interval of time.
How to enable Webhooks Integration #
Do you want to see alerts on your own platform? Webhooks has you covered.
Just add your hook and instantly start receiving notifications on your own platform. Webhooks use a POST request and accept content in application/JSON format.
- Go to the Integration settings screen and click on the Authorize button in the Webhooks section.
- Enter your Webhooks URL and Authentication Token (optional) and then click on the Save button.
- You’re now ready to get Cloudnosys Notifications on Webhooks.
Response #
| Key | Type | Description |
| createdAt | Date | Time the risk alert was created |
| createdBy | String | Created by, only one value is available for risks i.e. “system” |
| description | String | Description of the risk detected e.g. “MFA not enabled for XYZ IAM User” |
| organization | Object | Organization object |
| organization.id | String | ID of the organization |
| organization.name | String | Name of the organization |
| risk | Object | Risk object which has all details related to the risk detected and on which resource |
| risk.category | String | Category of the risk e.g. Authentications, OS Vulnerabilities, Lateral Movement, IAM Misconfigurations, Neglected Assets, Vulnerabilities |
| risk.cloudAccount | Object | Cloud Account object |
| risk.cloudAccount.id | String | Cloud Account ID, generated by Cloudnosys |
| risk.cloudAccount.name | String | Name of the cloud account as defined by the user |
| risk.cloudAccount.provider | String | Cloud provider e.g. AWS, Azure, GCP |
| risk.region | String | Region of the risk detected as provided by Cloud |
| risk.service | String | Service this resource belongs to e.g. S3, EC2:Instance, RDS, etc. |
| risk.lastSeen | Date | Timestamp this risk was found the last time (last it was checked) |
| risk.firstSeen | Date | Timestamp this risk was found the first time |
| risk.severity | String | Severity of the risk detected e.g. Critical, High, Medium, Low |
| risk.signature | String | Signature that detected this risk e.g. AWS:S3-001 |
| risk.status | String | Status of the risk e.g. pass, fail |
| risk.resource | Object | Resource object which has all information related to the cloud resource the risk was detected on |
| risk.resource.id | String | Resource ID, unique to Cloudnosys platform |
| risk.resource.name | String | Resource name as identified in the cloud |
| risk.resource.tags | Array | Tags attached to the resource on the cloud provider’s platform |
| risk.vpc | String | VPC this risk was detected on |
| scanId | Number | ID of the scan which tested and found this risk |
| type | String | type will always be “risk” |
| url | String | Direct URL to view this risk on Cloudnosys platform |
Sample Response Body
| JSON representation |
| { “createdAt”: September 20, 2022 at 11:33:52 AM UTC+5, “createdBy”: “system”, “description”: “EBS volume encryption is not enabled or configured” “organization”: { “id”: “sample_organization_wxyz7”, “name”: “Sample Organization” } “risk”: { “category”: “Security”, “cloudAccount”: { “id”: “DMRNALJRKVYQg8P2XZxka”, “name”: “Sample Cloud Account”, “provider”: “AWS” }, “region”: “us-east-1”, “service”: “EC2:Volume”, “lastSeen”: September 20, 2022 at 11:33:52 AM UTC+5, “firstSeen”: September 10, 2022 at 11:33:52 AM UTC+5, “severity”: “high”, “status”: “fail”, “resource”: { “id”: “vol-0cb664480d1334e98”, “name”: “Client Server”, “tags”: [ “tag1”, “tag2”, “tag3”, ] }, “vpc”: “vpc-01234567890abcdef”, } “scanId”: 1234567890123, “type”: “risk”, “url”: “?d=true&org=sample_organization_wxyz7&filters=[{“type”:”cloudAccounts”,”value”[DMRNALJRKVYQg8P2XZxka]},{type:”signatureName”,value:[AWS:EBS-001]}]&drawerType=”signatureDrawer””, } |
FAQs #
Q: What is third-party API Integration?
Third-party API Integration is a type of integration that permits you to develop custom applications that can connect directly with your third-party software. This enables you to add features or improve upon business processes.
Q: Why Should I integrate my app with Cloudnosys?
Cloudnosys saves your time and reduces the threats to your cloud environment by allowing you to integrate third-party apps with Cloudnosys. This allows you to get notifications for all high-security risks and alerts in your cloud infrastructure. It removes the hassle of checking your dashboard every time for risks and also keeps your team updated with all the security postures.
