Add profile.created and profile.deleted webhook events
I am requesting the profile.created and profile.deleted events be added to webhooks. Considering the sensitive nature of profiles, it follows these are events which would be of interest to security and IT teams. For example, if an attacker were to gain access to a SimpleMDM instance and craft a malicious profile.
In our case, most profiles are created through the API. Knowing when a profile is manually created in the web app is an important signal as it could mean someone has maliciously gained access or an impending profile misconfiguration is on the way. We also keep a cache of existing profile names and IDs in order to optimize device assignment using the API. Being able to dynamically update the cache using an event based trigger as profiles are created and deleted is much more efficient than polling the API on a scheduled interval.
Webhook fields to include:
- Profile name
- Profile ID. Particularly important to programmatically use the API to respond to events.
- Requested by. Include whether or not API, and the account. Same as logs today.
- Event ID