Rezonate

Webhook Alert Example - ITDR

{
  "organization": "$tenant_id$",
  "account": "$account_id$",
  "data": {
    "integrationByLocale": {
      "en": [
        "$integration_id_that_the_alert_sent_through$"
      ]
    },
    "type": "SecurityIssue", // The Type of alert
    "data": {
      "securityIssueEntity": {
        "id": "$id_of_incident$",
        "account": "$account_id$",
        "category": "$category_in_case_of_exposure$",
        "type": "$type_in_case_of_exposure$"
      },
      "securityIssueAlert": {
        "id": "$id_of_alert$"
      },
      "threatMetadata": {
        "organization": "$org_name$",
        "link": "$alert_link_in_rezonate$",
        "title": "$title_of_threat$",
        "description": "$description_of_threat$",
        "firstSeenTime": $unix_time_first_seen$,
        "lastModificationTime": $unix_time_last_update$,
        "severity": "$risk_level$",
        "compromisedEntity": "$identity_identifier_of_compromised_incident$",
        "involvedAccountIds": [
          "$accounts_involved$"
        ],
        "accountId": "$account_involved$",
        "threatPlatforms": [
          "$platforms_involved$"
        ],
        "MitreTactics": [
          "$mitre_tactics_detected$"
        ],
        "ThreatsInvolvedEntities": []
      }
    }
  }
}
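
On the receiving side, the body should be treated as untrusted input and checked against the structure above before it reaches a SIEM or ticketing system. The following is an added example, not Rezonate's code: the function names, the set of fields treated as required, the seconds/milliseconds heuristic for the unix times, and all sample values are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone

REQUIRED = ("title", "severity", "compromisedEntity", "firstSeenTime", "lastModificationTime")

def to_utc(ts):
    # Assumption: the page only says "unix time"; values above 1e11 are
    # treated as milliseconds, anything smaller as seconds.
    if isinstance(ts, bool) or not isinstance(ts, (int, float)):
        raise ValueError("timestamp is not numeric")
    secs = ts / 1000 if ts > 1e11 else ts
    return datetime.fromtimestamp(secs, tz=timezone.utc).isoformat()

def obj(parent, key):
    # The body is untrusted: insist that parent[key] is a JSON object.
    value = parent.get(key) if isinstance(parent, dict) else None
    if not isinstance(value, dict):
        raise ValueError(f"missing or malformed object: {key}")
    return value

def parse_itdr_alert(raw):
    """Validate an ITDR webhook body and flatten it for a SIEM or ticket."""
    body = json.loads(raw)
    outer = obj(body, "data")
    if outer.get("type") != "SecurityIssue":
        raise ValueError("not a SecurityIssue alert")
    inner = obj(outer, "data")
    meta = obj(inner, "threatMetadata")
    missing = [k for k in REQUIRED if k not in meta]
    if missing:
        raise ValueError(f"threatMetadata lacks {missing}")
    return {
        "incident_id": obj(inner, "securityIssueEntity").get("id"),
        "alert_id": obj(inner, "securityIssueAlert").get("id"),
        "title": str(meta["title"]),
        "severity": str(meta["severity"]),
        "compromised_entity": str(meta["compromisedEntity"]),
        "first_seen": to_utc(meta["firstSeenTime"]),
        "last_modified": to_utc(meta["lastModificationTime"]),
        "platforms": list(meta.get("threatPlatforms") or []),
        "mitre_tactics": list(meta.get("MitreTactics") or []),
    }

# Constructed sample body; every value is invented for this example.
SAMPLE = json.dumps({"data": {"type": "SecurityIssue", "data": {
    "securityIssueEntity": {"id": "inc-42"}, "securityIssueAlert": {"id": "alert-7"},
    "threatMetadata": {"title": "Constructed threat", "severity": "High",
        "compromisedEntity": "user@example.com", "firstSeenTime": 1700000000,
        "lastModificationTime": 1700000600000, "MitreTactics": ["Initial Access"]}}}})
```

Malformed JSON also surfaces as `ValueError`, so a handler can reject every bad body with a single `except ValueError` and return a 4xx response.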

Last updated 10 months ago
