Orca Security
Last updated
Last updated
To configure the Orca Security integration, follow these steps:
Within the Gomboc portal, create an access token, either a personal or organization API token will work. Once the token is created, copy it to your clipboard.
Go to Settings > Integrations > Orca
Insert the Gomboc token you just copied and paste it within the 'Gomboc Token' field
On a separate tab go to your Orca Security account and create an API token.Account settings > Users & Permissions > API > Add api token
The token should never expire and should have access to the cloud account you would like to remediate.
Once the secret is created, copy it and paste it within the 'Orca Token' field on Gomboc.AI. Make sure to select the correct region of your Orca account.
5.Once the integration is complete you will receive an Access token you will need to use to create the webhook on Orca Security.
Within you Orca Security account go toSettings > Connections > Integrations > Webhook
When creating the webhook, be sure to include the access token you received from the Gomboc integration and include it within the 'API key' field. The trigger URL should also be set to https://cspm.app.gomboc.ai/api/v1/observations/orca.
Once the webhook is created, you can create an automation with the webhook. Go to the Orca Security automations tab and create a new automation.
Create the automation to trigger on Alerts with the open state, and have the Webhook URL to be the one you just created in step 7. You can also send existing alerts through the webhook by checking the 'Apply to Existing Alerts' option.