Platform Integrations
Technical guide for configuring third-party integrations for cloud assets, vulnerability scanning, alerts, and ticketing
Summary
ProjectDiscovery supports various third-party integrations to enhance your security workflow. These integrations enable:
-
Cloud asset discovery and management
-
Real-time alerting through communication platforms
-
Automated vulnerability tracking through ticketing systems
-
Custom webhook integrations for workflow automation
Configure your integrations through the Configurations interface.
Notification Integrations
Alerting integrations support notifications as part of scanning and include Slack, Microsoft Teams, Email, and custom Webhooks. Navigate to Scans → Configurations → Alerting to configure your alerts.
Slack
ProjectDiscovery supports scan notifications through Slack. To enable Slack notifications provide a name for your Configuration, a webhook, and an optional username.
Choose from the list of Events (Scan Started, Scan Finished, Scan Failed) to specify what notifications are generated. All Events are selected by default
- Refer to Slack’s documentation on creating webhooks for configuration details.
MS Teams
ProjectDiscovery supports notifications through Microsoft Teams. To enable notifications, provide a name for your Configuration and a corresponding webhook.
Choose from the list of Events (Scan Started, Scan Finished, Scan Failed) to specify what notifications are generated.
- Refer to Microsoft’s documentation on creating webhooks for configuration details.
ProjectDiscovery supports notifications via Email. To enable email notifications for completed scans simply add your recipient email addresses.
Webhook
ProjectDiscovery supports custom webhook notifications, allowing you to post events to any HTTP endpoint that matches your infrastructure requirements.
To implement webhook notifications, provide:
-
Configuration name
-
Webhook URL
-
Authentication parameters (if required)
Example endpoint format:
Ticketing Integrations
The integrations under Ticketing support ticketing functionality as part of scanning and include support for Jira, GitHub, GitLab, and Linear. Navigate to Scans → Configurations → Ticketing to configure your ticketing tools.
Jira
ProjectDiscovery provides integration support for Jira to create new tickets when vulnerabilities are found.
Provide a name for the configuration, the Jira instance URL , the Account ID, the Email, and the associated API token.
Details on creating an API token are available in the Jira documentation here.
GitHub
ProjectDiscovery provides integration support for GitHub to create new tickets when vulnerabilities are found.
Provide a name for the configuration, the Organization or username, Project name, Issue Assignee, Token, and Issue Label. The Issue Label determines when a ticket is created. (For example, if critical severity is selected, any issues with a critical severity will create a ticket.)
-
The severity as label option adds a template result severity to any GitHub issues created.
-
Deduplicate posts any new results as comments on existing issues instead of creating new issues for the same result.
Details on setting up access in GitHub are available here.
GitLab
ProjectDiscovery provides integration support for GitLab to create new tickets when vulnerabilities are found.
Provide your GitLab username, Project name, Project Access Token and a GitLab Issue label. The Issue Label determines when a ticket is created. (For example, if critical severity is selected, any issues with a critical severity will create a ticket.)
-
The severity as label option adds a template result severity to any GitLab issues created.
-
Deduplicate posts any new results as comments on existing issues instead of creating new issues for the same result.
Refer to GitLab’s documentation for details on configuring a Project Access token.
Linear
ProjectDiscovery integrates with Linear for automated issue tracking. The integration requires the following API parameters:
-
Linear API Key
-
Linear Team ID
-
Linear Open State ID
To retrieve these parameters:
-
API Key Generation:
-
Path: Linear > Settings > API > Personal API keys
-
Direct URL: linear.app/[workspace]/settings/api
-
-
Team ID Retrieval:
- Open State ID Retrieval:
For detailed API documentation, refer to the Linear API Documentation.
Cloud Asset Discovery
ProjectDiscovery leverages our open-source Cloudlist technology to provide comprehensive cloud asset discovery and management through a simple web interface.
Major Cloud Services
AWS (Amazon Web Services)
Supported AWS Services:
Example Config: Amazon Web Services can be integrated by using the following configuration block.
aws_access_key
and aws_secret_key
can be generated in the IAM console. We recommend creating a new IAM user with Read Only
permissions and providing the access token for the user.
Scopes Required:
The following scopes can directly be provided to the IAM user.
To also support other services, a custom policy document is provided which can directly be copy-pasted to the role to allow correct and minimal permissions.
References:
-
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
-
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html
-
Aws Assume Role:
Google Cloud Platform (GCP)
Supported GCP Services:
Example Config:
Google Cloud Platform can be integrated by using the following configuration block.
gcp_service_account_key
can be retrieved by creating a new service account. To do so, create service account with Read Only access to cloudresourcemanager
and dns
scopes in IAM. Next, generate a new account key for the Service Account by following steps in Reference 2. This should give you a json which can be pasted in a single line in the gcp_service_account_key
.
Scopes Required: Cloud DNS, GKE
References:
Azure
Supported Azure Services:
- Virtual Machines
Example Config:
Microsoft Azure can be integrated by using the following configuration block.
tenant_id
, client_id
, client_secret
can be obtained/generated from All services
> Azure Active Directory
> App registrations
subscription_id
can be retrieved from All services
> Subscriptions
To use cli auth set use_cli_auth
value to true
and run az login
in the terminal
References:
-
https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli
-
https://docs.microsoft.com/en-us/cli/azure/ad/sp?view=azure-cli-latest#az_ad_sp_create_for_rbac
-
https://docs.microsoft.com/en-us/cli/azure/authenticate-azure-cli
Alibaba Cloud
Suppoted Alibaba Cloud Services:
- ECS Instances
Example Config:
Alibaba Cloud can be integrated by using the following configuration block.
Alibaba Cloud Access Key ID and Secret can be created by visiting https://ram.console.aliyun.com/manage/ak
References:
Infrastructure & Platform Services
Kubernetes
Support for:
-
Services
-
Ingresses
-
Cross-cloud cluster discovery
Navigate to Assets → Connect Cloud Services → Kubernetes to configure your cluster access.
Hashicorp Stack
Support for:
-
Terraform state file parsing
-
Nomad services
-
Consul services
CDN & DNS Providers
Configure these providers through Assets → Connect Cloud Services:
-
Cloudflare: DNS and CDN assets
-
Fastly: CDN endpoints
-
Namecheap: Domain management
VPS & PaaS Providers
Access these providers through Assets → Connect Cloud Services:
-
DigitalOcean: Droplets and managed services
-
Scaleway: Instances and managed services
-
Heroku: Applications and add-ons
-
Linode: Compute instances
-
Hetzner Cloud: Cloud servers
Scan Configurations
Configure custom HTTP headers, template variables, and interactsh server settings to customize your scan behavior. Access these settings at Scans → Configurations → Scan Settings.
You can configure:
-
Custom HTTP headers for scan requests
-
Template variables for scan customization
-
Interactsh server settings for OOB testing
Template Configurations
Access pre-configured templates or create custom configurations with filtered rules based on:
-
Severity levels
-
Tags
-
Protocol types
-
Template IDs
Configure these settings at Scans → Configurations → Template Profiles.
Want to write your custom templates? Learn more in our Template Editor documentation.
Was this page helpful?