Chariot can ingest new assets and risks via a webhook. This is useful for connecting external applications to Chariot that do not have an official integration. 

Enable the Webhook URL

Each Chariot instance may have one active webhook at a time. To enable your instance's webhook, navigate to the Integrations page and click on the Chariot Webhook integration card:

Click Connect to open the integration card:

You can manually copy the webhook URL from the section highlighted above. Additionally, clicking Add will automatically copy the webhook URL to your clipboard:

Alternatively, you can enable and retrieve your webhook with the Praetorian CLI:

$ praetorian chariot add webhook
https://xxxxxxxxxxxx.execute-api.us-east-2.amazonaws.com/chariot/hook/:username/:pin

Add a risk

To add a risk to be tracked in Chariot, send the following request:

curl -X 'POST' \
'https://<webhook.url>' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"dns": "public-facing-api.domain.com",
"name": "192.168.15.30",
"finding": "Exposed_Admin_Interface" # must match regex /^\\S+$/
}'

The risk will now appear in your Risks page:

Add an asset

To add an asset to Chariot, send the following request:

curl -X 'POST' \
'https://<webhook.url>' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"dns": "staging.domain.com",
"name": "10.1.1.5"
}'

This will add a new asset to your Assets page: