Complimentary 90-day, on-prem license available for entities involved in Covid19 response.
SUPPORT

24/5 Hotline Support Service

+44 (0)20 3588 3841

Open a Support Ticket

support@netsparker.com

Integrating Netsparker Enterprise with Webhooks

Netsparker Enterprise allows you to integrate with many issue tracking systems. However, there are some applications for which Netsparker Enterprise does not currently offer integration. Instead, Netsparker Enterprise offers webhook integration for applications that support incoming webhooks. Webhooks are not applications, but they provide a way for an application to get data from other applications with real-time information.

Webhook Fields

This table lists and explains the Webhook fields in the New Webhook Integration window.

Button/Section/Field

Description

Name

This is the name of the configuration that will be shown in menus.

Mandatory

This section contains fields that must be completed.

URL

This is the Webhook instance URL.

Title Format

This is the string format that is used to create the vulnerability title.

HTTP Method

This indicates the action to be performed on a resource for the request.

Payload Type

This is the data format in which requests are sent.

Optional

This section contains optional fields.

Issue Parameter

This is the parameter name of the issue.

Title Parameter

This is the parameter name of the issue title.

Body Parameter

This is the parameter name of the issue body.

Username

This is the username for the HTTP authentication.

Password

This is the password for HTTP authentication.

HTTP Headers

This section contains the HTTP Headers that will be added to the HTTP request.

Name

Enter a name for the new HTTP Header.

Value

Enter a value for the new HTTP Header.

Custom Fields

This section contains user-defined custom fields.

New Custom Field

Click to create a new custom field.

Name

Enter a name for the new custom field.

Value

Enter a value for the new custom field.

Dropdown

Click the dropdown to change the input type. The options are:

  • Text
  • Password
  • Textarea
  • File upload

Create Sample Issue

Once all relevant fields have been configured, click to create a sample issue.

How to Integrate Netsparker Enterprise with a Webhook

  1. Log in to Netsparker Enterprise.
  2. From the main menu, click Integrations then New Integration.

  1. From the API section, click Webhook. The New Webhook Integration window is displayed.
  2. Create a webhook for the application you want. (For this procedure, we will use Slack as an example of how to create Incoming Webhooks.)

  1. In the Name field, enter a name for the integration.
  2. In the Mandatory section, complete the connection details:
    • URL
    • Title Format
    • HTTP Method
    • Payload Type
  3. In the Optional section, complete as required:
    • Issue Parameter
    • Title Parameter
    • Body Parameter
    • Username
    • Password
  4. Click Create Sample Issue to confirm that Netsparker Enterprise can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.

  1. If the Webhook integration is not configured correctly, Netsparker Enterprise will correctly route the following descriptive error messages to you. Sample error messages may be displayed as illustrated:
    • If the URL was entered incorrectly

How to Export Reported Vulnerabilities to Projects Using a Webhook

There are several ways to send issues to projects using a webhook with Netsparker Enterprise:

  • Once notifications have been configured, you can configure Netsparker Enterprise to automatically send vulnerabilities after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
  • You can send one or more issues from the Issues window:
    • You must have Manage Issue permission.
    • From the main menu, select Issues, then All Issues. The Issues window is displayed.
    • Select one or more issues you want to send.
    • Click Send To, then Webhook.

    • A popup is displayed, with a message about the issue you have sent via the webhook. If there is an error, this information will be displayed instead.

  • You can send an issue from the Recent Scans window:
    • From the main menu, click Scans then Recent Scans.

    • Next to the relevant scan, click Report. The report is displayed.
    • Scroll down to the Technical Report section.
    • From the list of detected vulnerabilities, click to select an issue and display its details.

    • Click Send To, then Webhook.
    • If you have previously submitted this vulnerability via a  webhook, it will already be accessible. You cannot submit the same issue twice.
  • If you view opened problem logs via a webhook, they look like this.

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO