Disclaimer

Any sample or proof of concept code or Custom Platform provided on the Community is provided “as is” and without any express or implied warranties. This means that we do not promise that it will work for your specific needs or that it is error-free. Such Code is community supported and not supported directly by BeyondTrust, and it is not intended to be used in a production environment. BeyondTrust and its contributors are not liable for any damage you or others might experience from using the Code, including but not limited to, loss of data, loss of profits, or any interruptions to your business, no matter what the cause is, even if advised of the possibility of such damage.

Context

Identity Security Insights is a SaaS platform that enables organizations to respond to security incidents and assign tasks for mitigating the risk and resolution. Webhooks allow Identity Security Insights to send detection and recommendation information to a configured Teams channel.

Webhook

Webhooks allow Identity Security Insights to send information and data directly to your third-party applications, eliminating manual intervention and delays.

Once configured, webhooks provide a real-time method of notifying external systems about a security incident, assigning tasks for mitigating the risk and resolution; improving your organization's overall security posture. Webhook message content can be customized using a suite of built-in variables.

Identity Security Insights can integrate with any third-party application capable of receiving generic incoming webhooks. Detection and recommendation information can be sent from your Insights dashboard to Microsoft Teams. 

For the webhook template, a sample json configuration file has been uploaded. Create or change the fields and add variables as per your requirement.