Introduction

The Truesec Platform supports outgoing Webhooks for service publications such as Incidents, Vulnerabilities or Threat Events, for three key applications: Microsoft Teams, Slack, and ServiceNow. The outgoing Webhooks are defined through each Workspace in https://soc.truesec.app by a Workspace Owner.

An incoming Webhook is configured in the receiving application by an authorized user. Guides on how to receive Webhooks for Teams and Slack via the applications’ Workflow capabilities can be found here.

Here’s how each integration works:

• Microsoft Teams: Webhooks are sent to Microsoft Teams via Workflows, enabling real-time communication and automation within your Teams environment. Teams Workflows are setup in Microsoft Power Automate, and can be managed in the Teams Workflows app.
  
  
• Slack: Slack receives Webhooks through Workflows, facilitating seamless integration and task automation. Slack Workflows are managed in the Slack application, or the online Workflow builder.
  
  
• ServiceNow: For ServiceNow, the Webhook receiver setup requires configuration by your ServiceNow team. Webhooks can, for example, be received via the Table API for Incidents, allowing ServiceNow to process Truesec SOC incidents, and incorporate them into your case management processes.