Setting Up Integrations

Share

Is this article helpful?

Last updated:

Integrating XM Cyber’s SCM with PhishER

You can integrate your XM Cyber Security Control Monitoring (SCM) module into your PhishER console. XM Cyber’s SCM module provides you with insights into the configuration and activation of security controls.

Before You Connect XM Cyber’s SCM to Your PhishER Console

Before you integrate SCM into your PhishER console, follow the steps below.

  1. Log in to your KSAT console as an admin.
  2. Go to Account Settings.
  3. Navigate to the Account Integrations option on the sidebar.
  4. Click the API option.
  5. Under Product API, click the Product API link. This step will navigate you to the Product API tab on the KnowBe4 APIs page.
  6. Click the Create New API Token button.
  7. Fill in the following fields:
    1. Name: Use a memorable name.
    2. Expiration Date: Choose an expiration date that is far into the future.
    3. User: Enter the user who is creating the API token.
  8. The console will generate an API key. Please save this API key for the next steps.
Note: Make sure that you click Save Changes to save your Account Settings updates.

Connecting XM Cyber’s SCM to Your PhishER Console

Note: Ensure that an admin was previously added to your PhishER console. Only admins can grant users Security Roles, and an admin should also set up this integration. For more information visit our PhishER Settings Guide.

To connect SCM with your PhishER console, follow the steps below.

  1. Log in to XM Cyber’s SCM module as an admin.
  2. In the left menu bar, navigate to System > Tools Configuration.
  3. Select Add Tool.
  4. In the Add Tool dialog box, select SSPM, and then complete the fields as follows:
    1. Vendor: Select KnowBe4.
    2. Type: Select SOAR.
    3. Product Name: Select the Product Name, which is KnowBe4 PhishER.
    4. Version: Select the product version, which is not applicable.
    5. Machine: For a SaaS environment, select the cloud proxy server that XM Cyber gives you. For an on-prem environment, select your cloud proxy server.
    6. Name: You may use the default name or change the name if desired.
  5. Select Save. The tool should now appear on the tool list.
  6. Select the tool from the tool list.
  7. Under the General tab, check the System Active check box and select Apply Changes.
  8. If you are setting the datasource in a SaaS environment:
    1. In the Database field, name the database.
    2. Select Create Database, and then select Save. You should receive a message that you successfully created a database.
  9. In an on-prem environment, expand the database in the Datasource tab and then complete the following fields:
    1. Database Type: PostgreSQL
    2. Server: 127.0.0.1
    3. Port: 5432
    4. Database: You can use any database name you like as long as it contains only lowercase letters. For example, you can use “knowbe4_phisher” as your database name.
    5. User: cyberobserverds
    6. Password: C0DBLocal!
  10. Select the Create Database check box and select Save. You should receive a message that you successfully created a database.
  11. Expand the plugin in the Plugins tab and select Set Parameters. A Plugin Parameters dialog box will appear.
  12. Complete the fields using the API key you retrieved in previous steps.
  13. Select “plugin” to activate the plugin. You should receive a message that you have successfully activated the plugin.
  14. In the Plugins tab, select Save. You should receive a message that you have successfully installed the plugin.
  15. Select “next-1” (Execute) to run this plugin, connect the tool, and collect data. The entry under Last Successful Run will show the date and time the plugin was last run.

Was this article helpful?

0 out of 0 found this helpful

Can't find what you're looking for?

Contact Support