https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/256190#M33830 <P>Hi&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/9193">@echwallah</a></P><P>As highlighted by&nbsp;&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/11931">@andre_vdveen</a>&nbsp;,&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/46508">@Alexander_Mohr</a>&nbsp;</P><OL><LI>you can also check with Microsoft team the attached URL:&nbsp;<A href="https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=newteams%2Cdotnet" target="_blank">Create an Incoming Webhook - Teams | Microsoft Learn</A></LI><LI>you can enable&nbsp;</LI></OL><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Peter_Youssef_0-1726639800971.png" style="width: 726px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/22550iB4C5C1C1F4C405BB/image-dimensions/726x57?v=v2" width="726" height="57" role="button" title="Peter_Youssef_0-1726639800971.png" alt="Peter_Youssef_0-1726639800971.png" /></span></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Peter_Youssef_1-1726639862092.png" style="width: 653px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/22551iEAA25B1712858A8A/image-dimensions/653x307?v=v2" width="653" height="307" role="button" title="Peter_Youssef_1-1726639862092.png" alt="Peter_Youssef_1-1726639862092.png" /></span></P><P>For Credential vault feel free to review what might be applicable for current setup:&nbsp;<A href="https://docs.dynatrace.com/docs/platform-modules/digital-experience/synthetic-monitoring/general-information/external-vault-integration" target="_blank">External vault integration - Dynatrace Docs</A></P><P><A href="https://docs.dynatrace.com/docs/observe-and-explore/notifications-and-alerting/problem-notifications/microsoft-teams-integration#expand--example" target="_blank">Send Dynatrace notifications to Microsoft Teams - Dynatrace Docs</A></P> Wed, 18 Sep 2024 06:13:28 GMT Peter_Youssef 2024-09-18T06:13:28Z https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/230415#M29874 <P>We are having an&nbsp; observation that has poised a security risk using the webhook for custom Integations and MS Teams.</P> <P>&nbsp;</P> <P>The security teams made the below findings.</P> <P>&nbsp;</P> <P>&nbsp;</P> <TABLE width="624"> <TBODY> <TR> <TD width="180"> <P><STRONG>Vulnerability</STRONG></P> </TD> <TD width="102"> <P><STRONG>Severity</STRONG></P> </TD> <TD width="342"> <P><STRONG>Remediation</STRONG></P> </TD> </TR> <TR> <TD width="180"> <P><SPAN>Sensitive Data Tampering</SPAN></P> </TD> <TD width="102"> <P>High</P> </TD> <TD width="342"> <P>·&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Encrypt payload to ensure the integrity and confidentiality of data.</P> </TD> </TR> </TBODY> </TABLE> <P>&nbsp;</P> <P>Is there a mechanism to encrypt/obfuscate the payload from Dynatrace in order to address these risk as mentioned..</P> <P>How can this be mitigated?</P> <P>&nbsp;</P> Fri, 01 Dec 2023 08:15:07 GMT https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/230415#M29874 echwallah 2023-12-01T08:15:07Z https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/230748#M29916 <P>Hi,&nbsp;</P> <P>Thanks for pointing this out.&nbsp;I suggest using the native MS Teams for Workflow integration. Security-relevant information like tokens or incoming webhook URL, which includes tokens are managed within settings, are masked, and can't be extracted by the user.&nbsp;<BR /><BR />If you want to leverage HTTP(s) requests within workflows, I suggest using Credential Vault to manage and access tokens within a web request.&nbsp;<BR /><BR />Does this address your concern?&nbsp;<BR /><BR />BR Alexander</P> Tue, 05 Dec 2023 07:51:24 GMT https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/230748#M29916 Alexander_Mohr 2023-12-05T07:51:24Z https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/231131#M29965 <P>Hi Erick,</P><P>The payload is not exposed while traversing the network, as long as the webhook to MS Teams is using https, which it does by default as far as I'm aware; the concern you raise is based on what is visible in the browser/Burp, which makes sense as the endpoint is trusted and the payload is not encrypted anymore.</P><P>Therefore, if the security concern is related to potential authenticated malicious users, I understand the concern but as Alexander said, your other option is to use the integration via Workflows.</P><P>Regards,<BR />André</P> Thu, 07 Dec 2023 08:22:39 GMT https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/231131#M29965 andre_vdveen 2023-12-07T08:22:39Z https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/256190#M33830 <P>Hi&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/9193">@echwallah</a></P><P>As highlighted by&nbsp;&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/11931">@andre_vdveen</a>&nbsp;,&nbsp;<a href="https://community.dynatrace.com/t5/user/viewprofilepage/user-id/46508">@Alexander_Mohr</a>&nbsp;</P><OL><LI>you can also check with Microsoft team the attached URL:&nbsp;<A href="https://learn.microsoft.com/en-us/microsoftteams/platform/webhooks-and-connectors/how-to/add-incoming-webhook?tabs=newteams%2Cdotnet" target="_blank">Create an Incoming Webhook - Teams | Microsoft Learn</A></LI><LI>you can enable&nbsp;</LI></OL><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Peter_Youssef_0-1726639800971.png" style="width: 726px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/22550iB4C5C1C1F4C405BB/image-dimensions/726x57?v=v2" width="726" height="57" role="button" title="Peter_Youssef_0-1726639800971.png" alt="Peter_Youssef_0-1726639800971.png" /></span></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Peter_Youssef_1-1726639862092.png" style="width: 653px;"><img src="https://community.dynatrace.com/t5/image/serverpage/image-id/22551iEAA25B1712858A8A/image-dimensions/653x307?v=v2" width="653" height="307" role="button" title="Peter_Youssef_1-1726639862092.png" alt="Peter_Youssef_1-1726639862092.png" /></span></P><P>For Credential vault feel free to review what might be applicable for current setup:&nbsp;<A href="https://docs.dynatrace.com/docs/platform-modules/digital-experience/synthetic-monitoring/general-information/external-vault-integration" target="_blank">External vault integration - Dynatrace Docs</A></P><P><A href="https://docs.dynatrace.com/docs/observe-and-explore/notifications-and-alerting/problem-notifications/microsoft-teams-integration#expand--example" target="_blank">Send Dynatrace notifications to Microsoft Teams - Dynatrace Docs</A></P> Wed, 18 Sep 2024 06:13:28 GMT https://community.dynatrace.com/t5/Open-Q-A/Risk-Security-Assessment-Integration-to-MS-Teams-using-Webhook/m-p/256190#M33830 Peter_Youssef 2024-09-18T06:13:28Z