Webhooks

Webhooks allow SRM to issue POST requests to an external resource when finding or triage statuses are updated. Currently, webhooks are an API-only feature. See the Webhooks section of the API guide for detailed information on how to configure webhooks.

Once a webhook has been configured, any time the triage or finding status is updated for one or more findings that belong to a project matching a webhook configuration, a payload is generated and a POST request is made. The payload is a JSON object with the following properties:

  • trigger – The event that triggered this payload to be sent.
  • reasons – A list of reason objects detailing why the event was triggered. These objects may have the following properties:
    • reason – A short text describing the type of reason. It can be one of the following: "analysis", "re-correlation", "archival", "system", "user-action", or "jira-sync".
    • user – An object detailing the user that triggered this event. Contains the ID and name of the user. Only available on "analysis", "re-correlation", "archival", and "user-action" reasons.
    • analysisId – The ID of an analysis. Only available on "analysis" reasons.
    • input – The name of an analysis input. Only available on "archival" reasons.
    • action – A short text description providing context to the reason. Only available on "jira-sync", "user-action", and "system" reasons.
  • findings – A list of finding objects. See the Finding Table Data endpoint in the API guide to view the structure of the finding objects.

If a webhook is configured to use a secret, the requests made by SRM will contain the X-Signature header. The value of this header is an HMAC hex digest of the request JSON body.
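
A receiver-side check of the X-Signature header described above, as an added example that is not part of the SRM documentation or product code. It assumes HMAC-SHA256 keyed with the webhook secret and a bare hex header value (the page names neither the hash function nor the header format, so confirm both in the API guide); the secret, trigger name and body are constructed sample values.

```python
import hashlib
import hmac
import json

# Assumption: the page does not name the hash function. SHA-256 is a stand-in;
# confirm the real algorithm in the SRM API guide.
ASSUMED_DIGEST = hashlib.sha256
# Reason types listed in the payload description.
KNOWN_REASONS = {"analysis", "re-correlation", "archival",
                 "system", "user-action", "jira-sync"}


def expected_signature(secret: bytes, raw_body: bytes) -> str:
    """HMAC hex digest over the exact bytes received (assumed keyed with the secret)."""
    return hmac.new(secret, raw_body, ASSUMED_DIGEST).hexdigest()


def handle_webhook(secret: bytes, headers: dict, raw_body: bytes) -> dict:
    """Authenticate the raw body first, parse second. Raises ValueError on rejection."""
    lowered = {k.lower(): v for k, v in headers.items()}
    received = lowered.get("x-signature")
    if received is None:
        raise ValueError("missing X-Signature header")
    expected = expected_signature(secret, raw_body).encode()
    # compare_digest runs in constant time, so a mismatch leaks no prefix length.
    if not hmac.compare_digest(expected, received.strip().lower().encode()):
        raise ValueError("signature mismatch")
    payload = json.loads(raw_body)
    for entry in payload.get("reasons", []):
        if entry.get("reason") not in KNOWN_REASONS:
            raise ValueError(f"unexpected reason: {entry.get('reason')!r}")
    return payload


if __name__ == "__main__":
    secret = b"constructed-secret"  # sample value, not a real secret
    body = (b'{"trigger": "example-trigger", "reasons": '
            b'[{"reason": "user-action", "action": "constructed"}], "findings": []}')
    good = {"X-Signature": expected_signature(secret, body)}
    print(handle_webhook(secret, good, body)["trigger"])
    # Re-serialising the JSON changes the bytes, so the same signature now fails.
    compact = json.dumps(json.loads(body), separators=(",", ":")).encode()
    try:
        handle_webhook(secret, good, compact)
    except ValueError as err:
        print("rejected:", err)
```

Compute the digest over the bytes as they arrived, before any JSON parsing or re-encoding, and reject unsigned requests whenever the webhook is configured with a secret.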