We are introducing a new integration solution to accommodate the need for a seamless workflow required in the modern security organization. Using this new integration solution, you can easily integrate Detectify into your workflow, enabling you to configure Detectify in a way that best suits your team.
Note: To use these integrations, ensure you have access to our API. Without it, these integrations will not be able to utilise our API on your behalf.
Getting started
To use our new integrations, simply navigate to the Integrations 2.0 section on the side menu. From there, you will be asked to review and accept Workato's Embedded Software Supplemental Terms. Because our new integration solution relies on Workato, which is a third-party actor, they will need approved access to the data flowing through the integrations. As such, Workato will act as a processor of certain personal data (such as your IP-address) solely for administrative purposes (integration setup and maintenance). These terms apply in addition to the regular agreements you have with Detectify.
Once accepted, you will need to create a new Detectify API key or use an existing one to connect to your preferred third-party applications. Integrations will need the corresponding API key permissions depending on the action you want to take. For example, if you want to be notified when a new vulnerability is found or updated, your API key will need permission to list the vulnerabilities for your team.
We recommend your API key to have at least the following permissions;
Allow reading vulnerabilities
Allow listing domains
Allow listing scan profiles
Allow reading scan status
Setting up recipes
Connections, Actions & Triggers
Once you have accepted Workato’s Embedded Software Supplemental Terms and configured an API key, you will see a list with available recipe templates that Detectify’s team has set up beforehand and ready to use or to be configured to your liking.
A recipe is an automated workflow that connects your apps by combining triggers and actions and is the core of setting up these integrations. For a recipe to communicate with apps via actions and triggers, it needs to be authorized to interact with said apps. This authorization is referred to as a connection, and is set up under the "Manage" tab. As connections are not tied to a recipe and a single connection can be used by multiple recipes, you will only need to do this once per app/segment of the app you want to integrate with (as an example, using multiple Jira board integrations would require a Jira connection for each board).
Once the right connections are in place, it's time to configure a recipe. Recipes can be easily modified in various ways to meet your specific needs. You can customize what kind of event you want the recipe to activate by changing the recipe's triggers or by adding filters to refine the trigger. In the trigger step you can also decide from what point in time you want the recipe to fetch information from. Please note that by default, recipes will only collect new trigger events that occur after you click "Start recipe". If you wish to fetch past trigger events from a specific date and time, make sure to adjust the date in the trigger BEFORE starting the recipe. In this way, the recipe will collect past trigger events from the specified date and time. Once a recipe has been started, this date cannot be changed. However, if you need to change the start time of an already-started recipe, you can copy that recipe and change the date on the newly created copy before starting the said recipe.
Beyond configuring the trigger, you can also modify the actions of the recipe to alter what should be done when the recipe is triggered. In this step, branching can be added to create conditional logic that determines different actions based on different conditions. As an example, when setting up alerts in Slack for any new vulnerabilities found by Detectify, you may prefer a specific message for lower severity vulnerabilities and a different one for more critical ones.
Datapills
When modifying your recipe you will work with datapills. Datapill variables are output data from a trigger or an action step that you can use to map business logic into recipe steps. In the context of Detectify, examples of data pills for vulnerabilities include Title (finding title), and Description (what the vulnerability is). In short, datapills allow you to dynamically refer to a kind of data in your recipes, enabling you to establish more sophisticated integrations with Detectify.
Starting your recipe
After configuring your recipe, you're all set to start it. If you wish to ensure that the recipe functions as intended before starting it, you can run a test job.
When a recipe is started, it waits for a specified triggering event before executing the actions outlined in the recipe. When recipes are stopped, they will stop looking for trigger events until they start again. If a recipe is restarted, it will catch up on all the events while it was stopped. In other words, the stop function acts like a pause button for recipes.
You should now have your recipe up and running. You should now have your recipe up and running. If needed, you will find additional information on Workato's features and capabilities by visiting their documentation site.
You should now have your recipe up and running. If needed, you will find additional information on Workato's features and capabilities by visiting their support@detectify.com.