Introduction

The Truesec Platform supports outgoing Webhooks for service publications such as Incidents, Vulnerabilities or Threat Events, for four key applications: Microsoft Teams, Slack, ServiceNow, and Jira. The outgoing Webhooks are defined through each Workspace in https://soc.truesec.app  by a Workspace Owner.

An incoming Webhook is configured in the receiving application by an authorized user. Guides on how to receive Webhooks for Teams and Slack via the applications’ Workflow capabilities can be found here.

Here’s how each integration works:

• Microsoft Teams: Webhooks are sent to Microsoft Teams via Workflows, enabling real-time communication and automation within your Teams environment. Teams Workflows are setup in Microsoft Power Automate, and can be managed in the Teams Workflows app.
  
  
• Slack: Slack receives Webhooks through Workflows, facilitating seamless integration and task automation. Slack Workflows are managed in the Slack application, or the online Workflow builder.
  
  
• ServiceNow: For ServiceNow, the Webhook receiver setup requires configuration by your ServiceNow team. Webhooks can, for example, be received via the Table API for Incidents, allowing ServiceNow to process Truesec SOC incidents, and incorporate them into your case management processes.
  
  
• Jira: Jira receives Webhooks through Jira Automation using the Incoming webhook trigger. This allows Jira to create or update issues based on Truesec SOC data, integrating incidents into your issue tracking workflows.