Solved: Re: Risk/Security Assessment Integration to MS Teams using Webhook

echwallah · ‎30 Nov 2023

We are having an observation that has poised a security risk using the webhook for custom Integations and MS Teams.

The security teams made the below findings.

Vulnerability	Severity	Remediation
Sensitive Data Tampering	High	· Encrypt payload to ensure the integrity and confidentiality of data.

Is there a mechanism to encrypt/obfuscate the payload from Dynatrace in order to address these risk as mentioned..

How can this be mitigated?

Dynatrace Certified Associate

Alexander_Mohr · ‎04 Dec 2023

Hi,

Thanks for pointing this out. I suggest using the native MS Teams for Workflow integration. Security-relevant information like tokens or incoming webhook URL, which includes tokens are managed within settings, are masked, and can't be extracted by the user.

If you want to leverage HTTP(s) requests within workflows, I suggest using Credential Vault to manage and access tokens within a web request.

Does this address your concern?

BR Alexander

andre_vdveen · ‎07 Dec 2023

Hi Erick,

The payload is not exposed while traversing the network, as long as the webhook to MS Teams is using https, which it does by default as far as I'm aware; the concern you raise is based on what is visible in the browser/Burp, which makes sense as the endpoint is trusted and the payload is not encrypted anymore.

Therefore, if the security concern is related to potential authenticated malicious users, I understand the concern but as Alexander said, your other option is to use the integration via Workflows.

Regards,
André