Webhook Endpoints
Configure event-driven security notifications and integrate with SIEM, ticketing, or custom alerting systems.
High-severity threat detected, malware execution, or anomalous network activity.
New security incident created in the platform, requires triage or investigation.
Policy violations, failed compliance checks, or access control misconfigurations.
Vulnerability or configuration scan finished with results summary.
| Event Type | Status | Timestamp | HTTP Code | Retries | Actions |
|---|---|---|---|---|---|
| security.alert | Delivered | 2025-06-14 14:32:18 UTC | 200 OK | 0 | View Payload |
| incident.created | Delivered | 2025-06-14 13:15:42 UTC | 200 OK | 1 | View Payload |
| compliance.audit | Failed | 2025-06-14 11:08:55 UTC | 401 Auth | 3/3 | Redeliver |
| scan.completed | Pending | 2025-06-14 09:45:11 UTC | - - - | 0 | View Payload |
HMAC-SHA256 Authentication
Every webhook payload is signed using your configured secret. Verify authenticity by checking the X-CyberVault-Signature header.
Compute HMAC-SHA256 over the raw request body using your secret and compare it with the header value. Reject requests where signatures do not match.