Setting Up Integrations

Integrating Harmonic Security with KSAT Using Tines

You can integrate your Harmonic Security platform into your KSAT console, allowing new workflows for security awareness training. The result is more intuitive training based on users’ actions.

Harmonic Security allows you to insert Harmonic alert data into a webhook endpoint, whether that be SIEM, SOAR, or other ingestion tools. For example, you can use Tines’ webhooks to build workflows that allow users to resolve their own security issues in Harmonic Security’s user intervention features.

Before You Integrate Harmonic Security with KSAT

Before you integrate Harmonic Security with your KSAT console, you need to ensure that KSAT is configured correctly and that you’ve created a Harmonic Protect custom event by setting up a Smart Group. This will trigger events in KSAT based on an alert from Harmonic Security’s platform.

You can use KnowBe4's User Event API to configure your custom event by following the steps below:

  1. Make a POST request using the .txt file below. 
    {
    "name": "Harmonic Data Protection",
    "description": "Track a user's involvement in a Data Protection alert. You can
    use this information to select event-specific training content from the ModStore
    for enrollment or to influence a user's Personal Risk Score."
    }	
  2. You should receive an ID in the response, which you will need to save.
  3. Set up a Smart Group in your KSAT console and set the following Custom Event criteria. Note that you will need to select the event type you created in the previous step. 

Connecting Harmonic Security with Your KSAT Console

Once you have created a Harmonic Protect custom event, you can now insert Harmonic Security alert data into a webhook, creating new workflows for KSAT’s security awareness training. To create a workflow, follow the steps below.

  1. Log in to the Harmonic Security portal, and click on the Integrations tab at the bottom left corner of the page.
  2. Click on Webhooks.
  3. Using Tines, select the webhook input, copy the URL from a Tines story into Harmonic Security’s webhook integration, and subscribe to all alerts.
  4. Store the alert data, including Username, Email, Alert Timestamp, and the Alert ID, in a database. Harmonic Security recommends using Notion’s database features, but you may use any database you like.
  5. You can query the database to see how many times a user has triggered an alert in a specific timeframe, such as 24 hours. 
Note:If you are unable to find an appropriate template in the Tines Story Library, you can use the cURL command listed below. This cURL command tells Tines how to handle the APIs and data from KnowBe4 and Harmonic Security.
curl -v \
-X POST \
--location \
"https://<>/events" \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer <>' \
-d '{"event_type":"Harmonic Data
Protection","target_user":"<>","external_id":"<>","source":"Harmonic
Protect","occurred_date":"<><date(tines_threshold_alerting.body.raisedat, \="\" %y-%m-%d\="%Y-%m-%d\" )=")">"}'

How Harmonic Security Works with Your KSAT Console and Slack

By using Harmonic Security to create workflows that trigger alerts in KSAT, you can send messages designed in Slack via its Block Kit Builder with information about security events to OpSec and users. Brief and targeted mandatory training will also be assigned to users after three security alerts.

  • When a user receives their first security alert, the SecOps team will receive a notification in their Slack channel.
  • If the alert is triggered a second time, the user will receive a message from Harmonic’s data protection virtual expert, Maestro, in Slack with more detailed information on what occurred and how to better protect organization data.
  • If an alert is triggered a third time, the user will be assigned mandatory security awareness training. This training is assigned to the Smart Group created for Harmonic Security events.

Can't find what you're looking for?

Contact Support