KnowBe4
Last reviewed: about 1 year ago
When Email Security detects a phishing email, the metadata of the detection can be sent directly to KnowBe4. For this tutorial, you will need a working KnowBe4 account with the SecurityCoach add-on. You will also need to create an organization key to use in Email Security. This organization key will let you integrate KnowBe4 with Email Security. Refer to KnowBe4 documentation for more information on this subject.
After creating your organization key and authorizing Email Security:
- Log in to the Email Security dashboard.
- Go to Settings (the gear icon).
- Go to Email Configuration > Domains & Routing > Alert Webhooks.
- Select New Webhook.
- In App Type, select SIEM.
- Choose KnowBe4 from the dropdown, and paste your organization key into the Auth Code section.
- In Target, paste the URL that suits your organization. KnowBe4 has different URLs for different regions:
KnowBe4 instance URL United States https://area1.vendor.training.knowbe4.com/v1European Union https://area1.vendor.eu.knowbe4.com/v1Canada https://area1.vendor.ca.knowbe4.com/v1United Kingdom https://area1.vendor.uk.knowbe4.com/v1Germany https://area1.vendor.da.knowbe4.com/v1 - Select Expanded from the drop-down menu for Malicious Style, Suspicious Style, and Spoof Style.
- Select Publish Webhook.