PGP Webhook

Written By Dan Crawford

Last updated 6 days ago

PGP provides webhook integrations that allow you to send or receive data between your PGP instance and external applications. This enables you to connect tools and systems that don't yet have an official PGP integration.

Incoming Webhook

Setup

Each PGP instance supports one active webhook. In Settings, under the Notifications Settings section, find the "Webhook URL" section.

Click the "Generate URL" button to create your unique PGP Webhook URL.

If you prefer using the command line, you can enable and retrieve your webhook URL using the Praetorian CLI:

$ praetorian PGP add webhookhttps://xxxxxxxxxxxx.execute-api.us-east-2.amazonaws.com/PGP/hook/:username/:pin

Add a Vulnerability

To add a vulnerability to be tracked in PGP, send the following request:

curl -X 'PUT' \'https://<webhook.url>' \-H 'accept: */*' \-H 'Content-Type: application/json' \-d '{"dns": "public-facing-api.domain.com","name": "192.168.15.30","finding": "Exposed_Admin_Interface" # must match regex /^\\S+$/}'

The risk will now appear in your Vulnerabilities page.

Add an asset

To add an asset to PGP, send the following request:

curl -X 'PUT' \'https://<webhook.url>' \-H 'accept: */*' \-H 'Content-Type: application/json' \-d '{"dns": "staging.domain.com","name": "10.1.1.5"}'

This will add a new asset to your Assets page. 

Important Notes About Webhook-Added Assets:Assets added through the webhook are ephemeral. They are scanned once by PGP and then retained only for their configured time-to-live (TTL). If an asset is not rediscovered by another integration or re-submitted via the webhook before its TTL expires, it will automatically fall out of the platform.

If an official integration exists for the asset type you are trying to track—such as AWS, Azure, GCP, or other supported providers—you should use that integration instead. Native integrations continuously enumerate cloud resources and provide full, ongoing coverage, whereas webhook-added assets are intended for one-off or custom use cases.

Outgoing Webhook

The PGP platform provides an outgoing webhook integration that sends security notifications for identified risks when they are opened in PGP. This enables custom integrations with existing security operations and incident response workflows.

Setup

On the Integrations page, click Add Integration. Under the IT Service Management group, you will see the Outgoing Webhook setup:

Required Fields:- Webhook Name: A friendly identifier for the integration (e.g., "SecOps SQS Queue")- Webhook URL: The target endpoint that will receive POST requests- Severity Threshold: Minimum risk severity level (Medium, High, Critical by default)

Optional Authentication:- Authentication Header Name: Custom header name (e.g., "Authorization", "X-API-Key")- Authentication Header Value: Corresponding header value for authentication

Webhook Payload

The webhook sends POST requests with JSON payloads containing complete risk data including severity, description, affected assets.

If you run into any issues or have questions about maximizing the value of the webhook, our support team is ready to help. You can reach us at support@praetorian.com, and we'll be happy to guide you through any challenges you encounter.