KnowBe4
Last reviewed: about 1 year ago
When Email Security detects a phishing email, the metadata of the detection can be sent directly to KnowBe4. For this tutorial, you will need a working KnowBe4 account with the SecurityCoach add-on. You will also need to create an organization key to use in Email Security. This organization key will let you integrate KnowBe4 with Email Security. Refer to KnowBe4 documentation ↗ for more information on this subject.
After creating your organization key and authorizing Email Security:
- Log in to the Email Security dashboard ↗.
- Go to Settings (the gear icon).
- Go to Email Configuration > Domains & Routing > Alert Webhooks.
- Select New Webhook.
- In App Type, select SIEM.
- Choose KnowBe4 from the dropdown, and paste your organization key into the Auth Code section.
- In Target, paste the URL that suits your organization. KnowBe4 has different URLs for different regions:
KnowBe4 instance URL United States https://area1.vendor.training.knowbe4.com/v1
European Union https://area1.vendor.eu.knowbe4.com/v1
Canada https://area1.vendor.ca.knowbe4.com/v1
United Kingdom https://area1.vendor.uk.knowbe4.com/v1
Germany https://area1.vendor.da.knowbe4.com/v1
- Select Expanded from the drop-down menu for Malicious Style, Suspicious Style, and Spoof Style.
- Select Publish Webhook.