Skip to content

Slack, PagerDuty & OpsGenie

Three channels you can wire up under Profile → Notifications to get findings out of the CredWatch portal and into the tools your team already lives in.

Channel Plan Use for
Slack Starter+ Day-to-day visibility, channel-wide awareness
PagerDuty Growth+ Page on-call for high-severity validated findings
OpsGenie Growth+ Same as PagerDuty but for OpsGenie shops

You can enable any combination simultaneously.

Slack

CredWatch posts to Slack via incoming webhook — no OAuth app, no installation flow.

Set up

  1. In Slack: Apps → Incoming WebHooks → Add to Slack. Pick the channel you want.
  2. Copy the webhook URL (https://hooks.slack.com/services/T…/B…/…).
  3. In CredWatch: Profile → Notifications → Slack webhook URL, paste, Save.
  4. Click Send test — a CredWatch message should appear in your channel.

What you'll see

  • Immediate alert — one message per validated finding scoring ≥ 80. Includes service name, masked credential, source link, score, validation status.
  • Daily digest — every morning at 08:00 UTC, a summary of yesterday's validated findings.
  • Resolution notification — when a finding is resolved (manually or auto), a green check-in message.

PagerDuty

PagerDuty integration uses Events API v2 with deduplication by finding ID — re-firing the same alert won't open a duplicate incident.

Set up

  1. In PagerDuty: create a new service for CredWatch (or use an existing one).
  2. Add an integration: CredWatch → Events API v2.
  3. Copy the Integration Key (routing key).
  4. In CredWatch: Profile → Notifications → PagerDuty Routing Key, paste, Save.
  5. Click Send test — a Triggered incident should appear in PagerDuty within seconds.

What pages

Only the highest-severity findings page on-call:

  • composite_score ≥ 90, AND
  • validation_status = valid (confirmed live), AND
  • status = active (not already resolved or suppressed)

These thresholds are deliberately conservative — paging is for things that truly need a human in the next 15 minutes.

When the finding is resolved in CredWatch, the corresponding PagerDuty incident is automatically resolved.

OpsGenie

Same model as PagerDuty, different vendor. CredWatch hits the Alerts API v2 with alias-based dedup.

Set up

  1. In OpsGenie: Integrations → Add API Integration → Generic API Integration.
  2. Copy the API Key.
  3. In CredWatch: Profile → Notifications → OpsGenie API Key, paste, Save.
  4. EU region: also set OPSGENIE_API_URL=https://api.eu.opsgenie.com/v2/alerts (your operator will need to update the env if your account is EU-region).
  5. Click Send test.

What alerts

Same thresholds as PagerDuty: score ≥ 90 + valid + active.

Email alerts

Email is always on for every plan, no setup required. Manage which addresses receive alerts under Profile → Alert emails:

  • Add up to 10 email addresses.
  • Each address receives both immediate alerts and the daily digest.
  • Remove an address by clicking the × next to it.

Quietening alerts

If you're getting too many alerts:

  1. Raise the immediate-alert threshold via your operator (env: IMMEDIATE_ALERT_SCORE).
  2. Use suppression rules to silence noisy patterns or test fixtures.
  3. Mark recurring false positives so the underlying pattern can be improved.