In this article you will find:
- How configure Slack connector
- How to share vulnerabilities from Vulcan to Slack channels
- How to use Slack in Automation
1. Configuring Slack Connector
In Connectors page, click Add new connector.
Click on Slack connector.
- Each Slack connector is referred to Slack-Channel, so it is recommended to use indicative names for your connectors.
Fill in the following fields:
Webhook URL - The webhook URL of the channel you want to send messages to. You can read more of how to generate webhook URL in this article.
- Click on Test Webhook to send a test message to the requested channel
- Click Save
2. Share vulnerabilities from Vulcan to Slack channels
You can share all vulnerabilities data to your configured Slack channels.
- In the vulnerability card click on Take Action --> Share
- Choose Post to a Slack channel
- Under Channel(s), check all relevant channels you want to share the vulnerability with.
- Click Share
3. Using Slack connector in Automation
With Vulcan, you can automate sending Slack messages in your playbook.
Navigate to the Automation, click on Create new Playbook.
Name your playbook. For example: “Remediate Rapid7”
Add a description to your Playbook (optional)
Choose your Playbook’s trigger (Vulnerabilities to fix)
- Vulnerability from source – The connector from which we pull assets. For example: Vulnerabilities from source Rapid7.
- Vulnerability where – The rule which the playbook will be attached by. For example: Vulnerability where CVSS Score is greater than 7.
- On assets where – The asset’s property you wish to be automated. For example: On assets where OS is Windows.
- In this example, the vulnerability that will be fixed is any vulnerability with CVSS score higher than 7, which was found on assets with Windows OS, and that was discovered by Rapid7 connector.
- Under Remediation actions choose Post to Slack channel action
- Choose Slack channel you want to post a message to
- Click Save