Skip to main content

Cyware Threat Intelligence eXchange

Add New Webhook

You can add a new webhook to extract threat intel from one application to another using a unique URL over the web

Before you Start

  • Ensure that you have View Webhooks, Create Webhooks, and Update Webhooks permissions.

  • Ensure that you have View Feed Source, Create Feed Source, and Update Feed Source permissions.

Steps

To add a new webhook, follow these steps:

  1. Go to Administration > Integrations Management > Feed Sources > Webhooks.

  2. Click Add Webhook.

  3. Enter the following details:

    • Title: Enter a unique title for the webhook within 50 characters.

    • Select an Application: Select an application that has webhook functionality enabled. All integrated applications can be managed from the API source. Ensure to enable the Webhooks and the application to see the Webhooks in the menu. The supported applications are:

      • Mattermost

      • Slack

    • Expires After (in days): Enter an expiry date for the webhook. After the webhook expires, the webhook token expires, and you must renew the token to receive feeds. The default days for expiry are:

      • Mattermost: The default expiry is 30 days. You can enter a maximum of 299 days.

      • Slack: The default expiry is 1834 days. You can enter a maximum of 2999 days.

    • Deprecates after: Set the duration in days after which the threat data (indicator) will be deprecated, unless the source provides an expiry duration (Range: 1–180 days). If the same indicator is received from multiple sources, the longest valid duration is applied.

    • Confidence: Enter a default confidence score for the feeds from the webhook. The default confidence score is 75. You can enter a maximum confidence score of 100.

  4. Click Add.

The platform displays a token URL for the webhook. After getting the token URL, follow these steps:

  1. Go to the application you have selected while adding the webhook.

  2. Create an outgoing webhook and use the token URL as the callback URL to configure the outgoing webhook.

  3. After creating the outgoing webhook, the application returns a token. 

  4. Return to the CTIX platform and enter the token received from the application in Application Token.

  5. Click Save.

The webhook is created, and a secure connection between the Intel Exchange platform and the feed source application is established.