Webhook Alert Example- ITDR

{
  "organization": "$tenant_id$",
  "account": "$account_id$",
  "data": {
    "integrationByLocale": {
      "en": [
        "$integration_id_that_the_alert_sent_through$"
      ]
    },
    "type": "SecurityIssue", // The Type of alert
    "data": {
      "securityIssueEntity": {
        "id": "$id_of_incident$",
        "account": "$account_id$",
        "category": "$category_in_case_of_exposure$",
        "type": "$type_in_case_of_exposure"
      },
      "securityIssueAlert": {
        "id": "$id_of_alert$"
      },
      "threatMetadata": {
        "organization": "$org_name$",
        "link": "$alert_link_in_rezonate$",
        "title": "$title_of_threat$",
        "description": "$description_of_threat$",
        "firstSeenTime": $unix_time_first_seen$,
        "lastModificationTime": $unix_time_last_update$,
        "severity": "$risk_level$",
        "compromisedEntity": "$identity_identifier_of_compromised_incident$",
        "involvedAccountIds": [
          "$accounts_involved$"
        ],
        "accountId": "$account_involved$",
        "threatPlatforms": [
          "$platforms_involved$"
        ],
        "MitreTactics": [
          "$mitre_tactics_detected$"
        ],
        "ThreatsInvolvedEntities": []
      }
    }
  }
}
PreviousWebhook Alert Example - Saved Search NextMicrosoft Teams Integration
Last updated 11 months ago