Event Types
Event Types that can be configured to send you alerts.
There are many types of events. Each type has a distinct key that you can use to filter events or configure integrations. The full list is below:
Key | Subject | Triggers when |
|---|---|---|
account-apikey-add | API Key Added | A new API key is added |
account-user-add | User Added | A user is added |
site-cert-fail | Failed Certification | A website fails Halo Security Certified Secure certification scan after previously passing |
domain-add | Domain Added | A new domain is added for Discovery |
domain-host-add | New Domain Host Discovered | A hostname is detected during a discovery scan that was not detected on the previous scan |
domain-scan-finish | Scan Complete | A discovery scan completes on a domain |
domain-scan-first | First Scan Complete | A discovery scan completes on a domain for the first time |
domain-scan-start | Scan Started | A discovery scan starts on a domain |
domain-tld-add | New Domain TLD Discovered | A domain TLD is detected during a discovery scan that was not detected on the previous scan |
firewall-banner-change | Firewall Port Banner Change | The banner information transmitted by a port is different from the previous scan |
firewall-platform-add | New Firewall Platform Detected | A platform is detected during a Firewall scan that was not detected on the previous scan |
firewall-port-add | Firewall Port Opened | A open port is detected during a Firewall scan that was not detected on the previous scan |
issue-add | New Issue Detected | An issue was discovered during a scan that was not detected on a previous scan |
issue-add-first-scan | New Issue Detected (First Scan) | An issue was discovered during the first scan of a target |
network-add | Network Added | A new network is added to your account |
network-ip-add | New Network IP Discovered | An active IP address is detected on a network that was not detected on the previous scan |
network-ip-remove | Network IP Offline | An active IP address is not detected on a network that was detected on the previous scan |
network-port-add | New Network Port Discovered | An open port is detected during a discovery scan on a network that was not detected on the previous scan |
network-port-remove | Network Port Closed | An open port is not detected during a discovery scan on a network that was detected on the previous scan |
network-scan-finish | Scan Complete | A discovery scan completes on a network |
network-scan-first | First Scan Complete | A discovery scan completes on a network for the first time |
network-scan-start | Scan Started | A discovery scan starts on a network |
pci-report-approved | PCI Report Approved | A submitted PCI report is approved |
pci-report-rejected | PCI Report Rejected | A submitted PCI report is rejected |
pci-report-expire-past | PCI Report Has Expired | The validity of a PCI report expires. This occurs when 91 days have elapsed since a PCI report was approved. |
pci-report-expire-soon | PCI Report Expires Soon | The validity of a PCI report expires in 30 days. This occurs 60 days after a PCI report is approved. |
pci-report-expire-today | PCI Report Expires Today | The validity of a PCI report is about to expire. This occurs 90 days after a PCI report is approved. |
pci-report-rejected | PCI Report Rejected | A submitted PCI report is rejected |
pentest-engineer | Penetration Test Engineer Assigned | A security engineer is assigned to a penetration test |
pentest-file | Penetration Test File Attached | A new file is attached to a penetration test |
pentest-state | Penetration Test State Changed | The state of a penetration test is modified |
review-engineer | Security Review Engineer Assigned | A security engineer is assigned to a security review |
review-file | Security Review File Attached | A new file is attached to a security review |
review-state | Security Review State Changed | The state of a security review is modified |
riskscore-high | Risk Score High | Your account's risk score surpasses 600 |
riskscore-medium | Risk Score Medium | Your account's risk score surpasses 300 |
target-add | Target Added | A new target is added to your account |
target-scan-failed | Scan Failed | A scan fails to complete on a target |
target-scan-finish | Scan Complete | A scan completes on a target |
target-scan-first | First Scan Complete | A scan completes on a target for the first time |
target-scan-start | Scan Started | A scan starts on a target |
technology-add | New Technology Detected | New technology was discovered that was not found on the last scan |
technology-add-first-scan | New Technology Detected (First Scan) | New technology was discovered on the first scan of a target |
issue-add | Issue Found | An issue is detected on a target for the first time |
website-cert-expired | SSL Certificate Expired | A TLS or SSL certificate is detected as expired during the website scan |
website-cert-expiring | SSL Certificate Expiring | A TLS or SSL certificate is detected as expiring within 30 days during a website scan |
website-cert-new-country | SSL Certificate New Country | The TLS or SSL certificate country code detected during the website scan doesn't match that of the previous scan |
website-cert-new-issuer | SSL Certificate New Issuer | The TLS or SSL certificate issuer detected during the website scan doesn't match that of the previous scan |
website-cert-risk | SSL Certificate Risk | The risk rating of a TLS or SSL certificate changes from low to medium or high |
website-cookie-monitor-change | Monitored Website Cookie Changed | The value of a monitored website cookie is detected as different than during the previous website scan |
website-cookie-new-country | Website Cookie New Country | A cookie is detected loading from a different country than it did during the previous scan |
website-cookie-oos | Website Cookie Out-of-Scope | A cookie is detected from a host that is out-of-scope during a website scan |
website-cookie-risk | Website Cookie Risk | The risk rating of a cookie changes from low to medium or high |
website-download-monitor-change | Monitored Website Download Changed | A monitored download is detected as different than during the previous website scan |
website-download-new-country | Website Download New Country | A website download is detected in a new country during a website scan |
website-download-oos | Website Download Out-of-Scope | A website download is detected out-of-scope during a website scan |
website-download-risk | Website Download Risk | The risk rating of a download changes from low to medium or high |
website-form-monitor-change | Monitored Website Form Changed | A monitored form's content is detected as different than in the previous scan |
website-form-new-country | Website Form New Country | A website form is detected in a new country during a website scan |
website-form-oos | Website Form Out-of-Scope | A website form is first detected sending data to an out-of-scope domain |
website-form-risk | Website Form Risk | The risk of a form changes from low to medium or high |
website-header-monitor-change | Monitored Website Header Changed | The value of a monitored HTTP header is detected as different than during the previous website scan |
website-header-risk | Website Header Risk | The risk rating of an HTTP header changes from low to medium or high |
website-link-new-country | Website Link New Country | A website link is detected in a new country during a website scan |
website-link-new-email | Website Link New Email | A new href="mailto:..." address is detected during a website scan |
website-link-new-phone | Website Link New Phone | A new href="tel:..." address is detected during a website scan |
website-link-oos | Website Link Out-of-Scope | A website link is detected out-of-scope during a website scan |
website-link-risk | Website Link Risk | The risk of a link changes from low to medium or high |
website-script-monitor-change | Monitored Website Script Changed | The content of a monitored script is different than during the previous website scan |
website-script-new-country | Website Script New Country | A script is detected as loading from a different country than it did during the previous scan |
website-script-oos | Website Script Out-of-Scope | A script is detected on a scan that didn't exist on the previous scan |
website-script-risk | Website Script Risk | The risk rating of a script changes from low to medium or high |
website-traffic-new-country | Website Traffic New Country | The website traffic is detected in a new country during a website scan |
website-traffic-oos | Website Traffic Out-of-Scope | The website traffic is detected out-of-scope during a website scan |
website-whois-changed | Domain Registration Changes | The ICANN domain registration details are different than during the previous website scan |
website-whois-expired | Domain Registration Expired | The ICANN domain registration is detected as expired during a website scan |
website-whois-expiring | Domain Registration Expiring | The ICANN domain registration is detected as expiring within 30 days during a website scan |
vulnscan-vuln-found | New Vulnerability | A new vulnerability is found |
Last modified 1yr ago