Notifications

The notification settings in StepSecurity allow you to receive alerts about critical security events via email, Slack, or Microsoft Teams. These notifications help you stay informed about potential security risks in your workflows.

Configuring Notifications

Notification Settings showing a bunch of notification channels and notification events
Notification Settings

You can customize notification settings by specifying:

  • Notification Channels: Enter your email address or provide a Slack/Teams webhook URL to receive alerts. Follow these instructions to create a Slack webhook and Teams webhook

  • Notification Events: Select the security events for which you want to be notified, such as:

    • Outbound traffic is blocked

    • Anomalous outbound call is discovered

    • Anomalous HTTPS outbound call is discovered

    • Source code file is overwritten

    • Secrets detected in the build log

    • Secrets detected in build artifacts

  • File Exclusions: If there are specific files you do not want to trigger notifications (e.g., README.md, package-lock.json), you can list them in the Exempt Files text box. Wildcards (e.g., *.md) are supported.

Saving Your Preferences

  • Once you’ve configured the notification settings, click Save to apply your changes.

Last updated

Was this helpful?