Support
Communication

Integrating Invicti Enterprise with Slack

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

Slack is a team messaging system that enables enterprise teams to communicate across a series of dedicated project or department channels via messaging and calls.

Invicti Enterprise can let your teams be notified about vulnerabilities identified in your web application if you integrate Invicti Enterprise with Slack.

For further information, see What Systems Does Invicti Integrate With?.

Slack fields

This table lists and explains the Slack Fields on the New Slack Integration page.

Button/Section/Field Description
Name This is the name of the configuration that will be shown elsewhere.
Mandatory This section contains fields that must be completed.
Webhook URL This is the webhook URL to which issues are sent.
Title Format This is the string format that is used to create the vulnerability title.

How to integrate Invicti Enterprise with Slack

There are two steps to integrate Invicti Enterprise with Slack.

  1. Create a webhook URL on Slack for integration
  2. Add the webhook URL to Invicti Enterprise to integrate with Slack

Prerequisite

  • Administrator permission is required to create an app on Slack

Step 1. Creating a webhook URL on Slack for integration

  1. Go to Sending messages using Incoming Webhooks and scroll down to the Create a Slack app section.
  1. Select Create your Slack app.
  2. From the Create an app pop-up, select From scratch.
  1. In the App Name field, enter an app name.
  1. From the Pick a workspace to develop your app in drop-down, select a workspace. (If you are not currently signed in to the Slack workspace you want to integrate, select Sign in to another workspace from the drop-down.)
  2. Select Create App.
  3. In the Basic Information page, select Incoming Webhook.
  1. Switch the Activate Incoming Web Hooks status to ‘On’.
  1. Select Add New Webhook to Workspace.
  1. From the What will [Test] be able to view? drop-down, you can select an option.
  2. From the Where should test post?, select the channel or contacts you want to connect to on the next page.
  3. Select Allow. A webhook URL specific to your link will be created.
  1. In the Webhook URL field, select Copy. (You need this URL in the 2nd step.)

Step 2. Adding the webhook URL to Invicti Enterprise to integrate with Slack

  1. Log in to Invicti Enterprise.
  2. From the main menu, select Integration New Integration.
  1. From the Communication section, select Slack.
  1. Copy and paste the WebHook URL you created in Slack into the WebHook URL field in Invicti.
  2. Select Create Sample Issue to confirm that Invicti can connect to the configured system and create a sample issue.
  1. Select Save to save the integration.

How to export reported vulnerabilities to projects in Slack

There are several ways to send issues to Slack with Invicti Enterprise:

  • Once notifications have been configured, you can configure Invicti Enterprise to automatically send vulnerabilities after scanning has been completed (see How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System).
  • You can send one or more issues the Issues window:
    • You must have Manage Issue permission,
    • From the main menu, select Issues, then All Issues.
    • From the Issues page, select one or more issues you want to send.
    • Select Send To > Slack.

A pop-up is displayed, with the title of the you have sent to Slack. If there is an error, this information will be displayed instead.

  • You can send an issue from the Recent Scans window:
    • From the main menu, select Scans > Recent Scans.
  • Next to the relevant scan, select Report.
  • Scroll down to the Technical Report section.
  • From the list of detected vulnerabilities, select an issue and display its details.
  • Select Send To > Slack.

If you have previously submitted this vulnerability to Slack, it will already be accessible. You cannot submit the same issue twice.