Skip to content
  • There are no suggestions because the search field is empty.

How do I integrate with Webhooks?

Webhooks enable Holm Security to send real-time security scan results and vulnerability notifications to any external system or custom application with a webhook endpoint. This article explains how to configure the webhook integration in Security Center.

What are webhooks?

A webhook is an automated message that Holm Security sends to a URL (webhook endpoint) of your choice whenever an event occurs, such as a scan completion or the detection of a critical vulnerability. Unlike polling systems that check for updates, webhooks push data to you in real-time, enabling faster incident response and automation.

Before you begin

You will need the following:

  • Webhook endpoint URL: The target URL where you want Holm Security to send notifications. This is provided by your external system or custom application.
  • Admin access: You must have administrator privileges in Security Center to configure integrations.
  • Webhook receiver ready: Your external system should be set up and listening for incoming webhook requests before you enable the integration.

How do I find my webhook endpoint URL?

The webhook endpoint URL is provided by the external system or application you want to integrate with.

  1. Log in to your external system or application (for example, a custom internal tool, ticketing system, or automation platform).
  2. Navigate to the integrations or webhooks section of that system.
  3. Look for a webhook URL, endpoint URL, or webhook listener address.
  4. Copy the complete URL (typically starts with https://).

💡 Tip: If you are setting up webhooks for the first time, check your external system's documentation for "webhook setup" or "API endpoints." Different systems use different names for their webhook settings.

Setting up the webhook integration

  1. Log in to Security Center.
  2. Click the Menu icon in the top-right corner.
  3. Click Integrations.
  4. Check Enable Webhooks.
  5. Click Configure to set up the integration:
    • In the Webhook endpoint field, paste the webhook URL copied from your external system.
    • Verify the URL is complete and correct (should start with https://).
  6. Click Test connection.
  7. Configure when to send notifications.
  8. Click Update settings.
  9. Done!

📝 Note: Only one webhook endpoint can be configured per instance. If you need to send notifications to multiple systems, consider using a webhook aggregation service or configuring your external system to fan out the notifications.

Event notifications

Once webhooks are enabled, Holm Security will automatically send notifications to your webhook endpoint for the following types of events:

  • Scan completion (successful or failed).
  • Vulnerabilities detected.
  • Critical security findings.
  • Asset changes and updates.

Each notification includes event details in JSON format.

Testing your webhook integration

  1. Run a scan or trigger an event that will generate a webhook notification.
  2. Check your external system to confirm it received the notification.
  3. If notifications are not arriving, verify that the webhook endpoint URL is correct and accessible, that your external system's firewall allows incoming requests from Holm Security, and that the webhook receiver is running and listening on the specified endpoint.

Troubleshooting

If your external system is not receiving webhook data, verify the following:

  • Verify the URL: Double-check the webhook endpoint URL is correct and reachable.
  • Check firewall rules: Ensure your firewall permits incoming requests from Holm Security.
  • Confirm endpoint is active: Test the endpoint separately to ensure it is running and accepting requests.
  • Check webhook format: Confirm your external system is configured to parse JSON-formatted notifications.

For more information, please contact our customer support.