Integrations

Nanitor is able to collaborate and share information with other third-party tools and communication platforms such as email. Not all IT security personnel or other responsible staff may use Nanitor on a daily basis, but it is important to be able to keep them informed of security incidents. Being able to react to newly detected security threats without manually opening the software increases the efficiency of Nanitor as a vulnerability management solution and improves the security of your company.

Nanitor offers some native integrations that allow pushing information directly to other applications. These native integrations are limited to Slack at the moment with more to come in the future. The ability to push notifications via email makes it possible to work with applications that support email import.

Another option to communicate with other applications is through the available public API. The public API makes it possible to pull information on monitored assets and detected issues from Nanitor. Leveraging the public API offers a broader range of use cases and presents no limit to the applications that Nanitor can communicate with, as long as those applications are able to import data from an API endpoint. In order to be able to retrieve information from a Nanitor API endpoint you will need an API key.

This article briefly describes how to use these integrations by setting up notification rules that will push information from Nanitor to the integrated applications. There will also be a short guide on how to leverage and use the public API. This should help you get started for a better-integrated way of working with Nanitor and sharing critical information with other stakeholders.

Slack

Slack is a commonly used communication platform. It is often used for internal communications and can be leveraged to link multiple organizations together by sharing Slack channels. Slack channels can be either private or public.

When setting up an integration to Slack you need to choose a dedicated Slack channel to which Nanitor should publish its notifications. It is best to set up the Slack integration as a Slack application for the Slack workspace being used by the organization. Detailed information on how that can be achieved can be found in the help center article for setting up the Slack integration.

Alerts

Nanitor has a powerful event bus that can be leveraged to push information to integrated applications (e.g. Slack) or one or more email addresses. Note that to be alerted via a Slack channel, you will first have to set up a Slack application and a dedicated Slack channel to receive alerts, as described above.

Alert rules can be set up from Organization Management -> Alert rules. They are generally used to send alerts about issues being found or resolved, either in the organization as a whole or on assets with a specific label, and can be filtered by priority (for example, get alerts only about P0 issues). It is also possible to set up alert rules for particular Nanitor remediation projects, to be notified when issues assigned to that project are added or resolved.

To create a new alert rule, click Create rule. In the pop-up window, define a rule set that the Nanitor event bus should listen to and where the notification should be sent. This can be one or more email addresses or a Slack webhook.

More detailed information on exactly how to set up and configure an alert rule can be found in the help center documentation.

Public API

The public API is another way to bring information from Nanitor to a third-party application. Any application can use the Nanitor REST API to pull information on monitored assets or detected issues in a programmatic way. Leveraging the REST API requires an API key for authentication purposes. Obtaining an API key is described in detail in the corresponding article in the help center.

All available REST API endpoints are documented in the Nanaitor REST API documentation. Currently, there are three available endpoints for assets and two for issues.