Skip to content

PagerDuty Integration

Trigger PagerDuty incidents when KEV entries or critical CVEs hit your environment.

Prerequisites

  • PagerDuty account with a service set up
  • PagerDuty integration key (Events API v2)

Get a PagerDuty Integration Key

  1. In PagerDuty, navigate to Services > your service
  2. Click Integrations tab
  3. Click Add an integration
  4. Select Events API v2
  5. Copy the integration key

Configure in BreachSpider

  1. Navigate to Integrations > Alert Rules
  2. Click Add Rule
  3. Select provider: PagerDuty
  4. Fill in:
  5. Integration Key
  6. Severity mapping (Critical CVE = P1, High CVE = P2)
  7. Click Test Connection
  8. Click Save Rule

Via API

rule = {
    "name": "OT Security PagerDuty",
    "environment_id": 5,
    "trigger_event": "kev.new",
    "severity_floor": 9.0,
    "destination_type": "pagerduty",
    "pagerduty_integration_key": "your-integration-key"
}

response = requests.post(
    "https://breachspider.com/api/v1/integrations/connections",
    headers=headers,
    json=rule
)

PagerDuty Alert Details

BreachSpider populates PagerDuty incidents with:

  • Summary: CVE ID, title, CVSS score
  • Severity: critical for CVSS 9+, error for CVSS 7-8.9
  • Component: Affected vendor/product
  • Custom details: BSID, BCS score, EPSS percentile, KEV flag, affected assets
  • Links: BreachSpider CVE page, NVD, patch notes