Webhook Integration

StepSecurity's Webhook Integration enables you to receive real-time notifications about security events detected in your organization

This allows teams to respond quickly, integrate with incident response workflows, and enhance observability across CI/CD pipelines.

Prerequisites

Before setting up the Webhook integration:

  • You must be an Admin in your StepSecurity organization.

  • You should have a webhook endpoint ready to receive POST requests.

  • The endpoint must support HTTPS and accept JSON payloads.

Setup

Step 1: Navigate to your StepSecurity dashboard

Step 2: Click "Admin console"

Step 3: Click "Integrations"

Step 4: Click "Enable Webhook Integration

Step 5: Configure Webhook Integration

  • Enter your Webhook URL in the corresponding input field.

  • Select the HTTP Method (e.g., POST or GET) from the dropdown.

  • Add headers such as Authorization, Content-Type, etc.

    • For example, set Content-Type to application/json.

    • Click “+ Add Header” to add multiple headers if needed.

  • Choose your message format from the dropdown:

    • Raw – sends raw event data

    • Envelope – wraps the event data in an envelope structure

  • Select the kind of content to send:

    • Toggle on Send Insights and/or Send Detections as required.

  • Click “Test Connection” to validate the webhook setup.

Step 6: Select the Repos you want to send webhook events for

Step 7: Click “Save changes” to apply your configuration

Last updated

Was this helpful?