This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Risk/Security Assessment Integration to MS Teams using Webhook

Go to solution
echwallah
Advisor

‎30 Nov 2023 11:44 AM - last edited on ‎01 Dec 2023 08:15 AM by Community Team

We are having an  observation that has poised a security risk using the webhook for custom Integations and MS Teams.

 

The security teams made the below findings.

 

 

Vulnerability

Severity

Remediation

Sensitive Data Tampering

High

·         Encrypt payload to ensure the integrity and confidentiality of data.

 

Is there a mechanism to encrypt/obfuscate the payload from Dynatrace in order to address these risk as mentioned..

How can this be mitigated?

 

Dynatrace Certified Associate
0 Kudos
Reply
3 REPLIES 3

Go to solution
Alexander_Mohr
Dynatrace Participant
Dynatrace Participant

‎04 Dec 2023 12:58 PM - last edited on ‎05 Dec 2023 07:51 AM by Community Team

Hi, 

Thanks for pointing this out. I suggest using the native MS Teams for Workflow integration. Security-relevant information like tokens or incoming webhook URL, which includes tokens are managed within settings, are masked, and can't be extracted by the user. 

If you want to leverage HTTP(s) requests within workflows, I suggest using Credential Vault to manage and access tokens within a web request. 

Does this address your concern? 

BR Alexander

Reply

Go to solution
andre_vdveen
DynaMight Champion
DynaMight Champion

‎07 Dec 2023 08:22 AM

Hi Erick,

The payload is not exposed while traversing the network, as long as the webhook to MS Teams is using https, which it does by default as far as I'm aware; the concern you raise is based on what is visible in the browser/Burp, which makes sense as the endpoint is trusted and the payload is not encrypted anymore.

Therefore, if the security concern is related to potential authenticated malicious users, I understand the concern but as Alexander said, your other option is to use the integration via Workflows.

Regards,
André

0 Kudos
Reply

Go to solution
Peter_Youssef
Leader

‎18 Sep 2024 07:13 AM

Hi @echwallah

As highlighted by  @andre_vdveen , @Alexander_Mohr 

  1. you can also check with Microsoft team the attached URL: Create an Incoming Webhook - Teams | Microsoft Learn
  2. you can enable 

Peter_Youssef_0-1726639800971.png

Peter_Youssef_1-1726639862092.png

For Credential vault feel free to review what might be applicable for current setup: External vault integration - Dynatrace Docs

Send Dynatrace notifications to Microsoft Teams - Dynatrace Docs

0 Kudos
Reply
Ask a question

Featured Posts