# Notifications

The notification settings in StepSecurity allow you to receive alerts about critical security events via email, Slack, or Microsoft Teams. These notifications help you stay informed about potential security risks in your workflows.

### Configuring Notifications

<figure><img src="/files/U6s3xf5LDfhtbDjj4V9O" alt=""><figcaption></figcaption></figure>

You can customize notification settings by specifying:

#### **Notification Channels**

In StepSecurity we support two integrations for notifications:

**Slack**

You can set up Slack notifications in one of two ways:

1. Webhook URL:

   Provide your Slack webhook URL. [Follow these instructions](https://docs.slack.dev/messaging/sending-messages-using-incoming-webhooks/) to create a Slack webhook.
2. OAuth App:

   Configure the Slack App in your Admin Settings to enable OAuth-based notifications.

**Follow this interactive demo to see how to setup Slack OAuth App:**

{% embed url="<https://app.storylane.io/share/ujnclquz72xw>" %}

**Microsoft Teams**

To integrate with Microsoft Teams, add a Teams webhook URL. [Follow these instructions](https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=newteams%2Cdotnet) to create a Teams webhook.

#### **Notification Events**

Select the security events for which you want to be notified, such as:

* Outbound traffic is blocked
* Anomalous outbound call is discovered
* Anomalous HTTPS outbound call is discovered
* Source code file is overwritten
* Secrets detected in the build log
* Secrets detected in build artifacts
* Imposter commits are detected
* Suspicious network calls are detected
* Suspicious process events are detected
* Non-compliant artifacts are detected
* Run policy is blocked

#### **File Exclusions**

If there are specific files you do not want to trigger notifications (e.g., README.md, package-lock.json), you can list them in the Exempt Files text box. Wildcards (e.g., \*.md) are supported.

### Saving Your Preferences

* Once you’ve configured the notification settings, click Save to apply your changes.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.stepsecurity.io/workspace/settings/notifications.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.