Phoenix Security keeps users and teams informed of any significant events that take place within their accounts by using communication channels like email or messages. A popular communication channel for teams and individuals is Slack, and Phoenix can integrate with it in order to provide updates of the status of the organisation’s account and it’s assets and vulnerabilities.
Any communication sent by Phoenix is always based on the user’s account configuration and provides concise and relevant information related to the user’s account. Users select which Slack workspaces they integrate with, and then which channels are used for different areas of the Phoenix account (see sections B and C below). This ensures that notifications sent through Slack are relevant to the individuals with access to each channel.
The screenshot below shows a typical daily update for applications with new vulnerabilities.
A. Integrating Slack
Integrating Slack within Phoenix Security
Before using the integration for Slack features within your Phoenix Security instance, you have to set it up first by configuring the Slack – Phoenix Security integration. Here are the steps to complete the integration process:
- On the Navigation Menu, go to Integrations > Workflow. Then click on the Add Workflow Integration button.
- In the first step enter a name for the integration and select the “Slack” integration type. Then click Next.
- On the second step enter “AUTO” in the Bot Token input, if not already present. This will generate a Bot Token for this integration through the Slack OAuth process.
- Click the “Create Workflow” button. The browser will redirect to a Slack permissions validation screen similar to the one below.
- Click on “Allow” to complete the integration. The browser will redirect back Phoenix Security and your new integration will be visible on the Workflow Integrations page. Now you can start configuring Slack for your Applications and Environments.
B. Link Slack to an Application
In order to link an existing Phoenix Security Application to Slack, you need to edit the Application and enable the “Link to Notification Channel” checkbox.
- On the Navigation Menu, select Risk Explorer > Applications.
- Select the Application List tab and scroll down to the Application that you want to update. Hover your mouse over the application entry, click on the three-dots icon than appears on the right, and select Edit (pencil icon).
- In the Update Application form, find that Integration section on the right-hand side and check the “Link to Notification Channel”.
- Select the Notification Account and Notification Channel that you want to link the Application to.
- Click the “Save Integrations Config” button to save the changes.
By linking your application to a Slack channel you will be able to receive notifications about the application in that channel
C. Link Slack to an Environment
In order to link an existing Phoenix Security Environment to Slack, you need to edit the Environment and enable the “Link to Notification Channel” checkbox. The whole process is analogous to the one for Applications (above):
- On the Navigation Menu, select Risk Explorer > Environments.
- Select the Environment List tab and scroll down to the Environment that you want to update. Hover your mouse over the application entry, click on the three-dots icon than appears on the right, and select Edit (pencil icon)
- In the Update Environment form, find that Integration section on the right-hand side and check the “Link to Notification Channel”.
- Select the Notification Account and Notification Channel that you want to link the Environment to.
- Click the “Save Linking to Issue Integrations Config” button to save the changes.
