Notifications

The notification settings in StepSecurity allow you to receive alerts about critical security events via email, Slack, or Microsoft Teams. These notifications help you stay informed about potential security risks in your workflows.

Configuring Notifications

Notification Settings showing a bunch of notification channels and notification events

You can customize notification settings by specifying:

Notification Channels: Enter your email address or provide a Slack/Teams webhook URL to receive alerts. Follow these instructions to create a Slack webhook and Teams webhook
Notification Events: Select the security events for which you want to be notified, such as:
- Outbound traffic is blocked
- Anomalous outbound call is discovered
- Anomalous HTTPS outbound call is discovered
- Source code file is overwritten
- Secrets detected in the build log
- Secrets detected in build artifacts
File Exclusions: If there are specific files you do not want to trigger notifications (e.g., README.md, package-lock.json), you can list them in the Exempt Files text box. Wildcards (e.g., *.md) are supported.

Saving Your Preferences

Once you’ve configured the notification settings, click Save to apply your changes.

PreviousSettings NextSelf-Hosted Runners

Last updated 3 months ago

Was this helpful?