PagerDuty + Alerts from ThreatKey Documentation

PagerDuty + Alerts for ThreatKey Integration Benefits

  • Notify on-call responders based on new security findings from ThreatKey.
  • Create high and low urgency incidents based on the severity of the security finding from ThreatKey.
  • Incidents will automatically resolve in PagerDuty when the security finding is detected as remediated within the ThreatKey platform.

How it Works

  • ThreatKey security findings are sent to PagerDuty with the full event details.
  • ThreatKey maps it's own internal finding severities to the following PagerDuty severity levels

ThreatKey Severity PagerDuty Severity
Info Info
Low Warning
Medium Warning
High Error
Critical Critical

Requirements

  • PagerDuty integrations require an Admin base role for account authorization. If you do not have this role, please reach out to an Admin or Account Owner within your organization to configure the integration.

Support

If you need help with this integration, please contact support@threatkey.com

Integration Walkthrough

In ThreatKey

  1. Login into an admin account in ThreatKey
  2. Navigate to Environment --> Destinations
  3. Find the PagerDuty connection tile and click the "Connect" button
  4. Login to your PagerDuty account 
  5. Select which services in your PagerDuty organization you want ThreatKey to have permission to send to. Note: You will configure which service the security findings are sent to within the ThreatKey platform. This step is just choosing which services ThreatKey has permission to send to then click "connect" 
  6. Now you will be redirected back to the ThreatKey platform and can select whether you want to enable basic or finding notifications and what PagerDuty service you would like them sent to.
  7. To enable a notification type click the enabled toggle switch and then select which PagerDuty service to send to then click "save" once you have configured this. 

How to Uninstall

In ThreatKey

  1. Login into an admin account in ThreatKey
  2. Navigate to Environment --> Destinations
  3. Find the PagerDuty destination you intend to uninstall / delete and then click the 3 dots on that connection row, then click "Disconnect" 
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us