Setting Up Integrations

Integrate Cortex XSOAR with Your PhishER Platform

In this article, you can learn how to integrate Cortex's XSOAR platform with the PhishER platform. Once you set up this integration, you'll be able to send your PhishER events to XSOAR and do mutations. For example, you can use commands to send PhishER messages and update the message status. Then, you can use this data for your automation and playbooks in XSOAR.

To learn about the benefits of this integration, see our Cortex XSOAR and KnowBe4 document.

Configuring the Integration

To configure the integration, follow the steps below:

  1. Log in to your XSOAR account.
  2. Navigate to Settings > Integrations > Servers & Services.
  3. Search for PhishER.
  4. Click Add instance to create and configure a new integration instance.
  5. Fill out the parameters with information about your PhishER platform. For more information, see the table below:
    Parameter Description Required
    Your server URL   True
    API Key   True
    First Fetch Time First fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days, 3 months, 1 year) False
    Fetch Incidents   False
    Fetch Limit Maximum number of alerts per fetch. Default is 50, maximum is 100. False
    Incident type   False
    Trust any certificate (not secure)   False
    Use system proxy settings   False
  6. Click Test to validate the URLs, tokens, and connection. 

Using Commands

After adding the integration, you can use commands to send data from PhishER to XSOAR.

For a list of commands you can use, see the table below:

Command Description
phisher-message-list Use this command to get messages from PhishER.
phisher-create-comment Use this command to add a comment to a PhishER message.
phisher-update-message Use this command to update a PhishER message status. The user must provide at least one argument.
phisher-tags-create Use this command to add tags to a given message.
phisher-tags-delete Use this command to remove tags from a given message.

For more information, see Cortex XSOAR’s KnowBe4 PhishER documentation.

Can't find what you're looking for?

Contact Support