Using D3 Security's XGEN SOAR Platform with Your KMSAT Console
KnowBe4’s integration with D3 Security combines KMSAT training results with the D3 Security XGEN SOAR platform. With this integration, your SOAR platform can analyze data and automate response processes, such as incident response, in your KMSAT console. You can use this integration to monitor your users’ training and phishing campaign results, identify your high-risk users, and automate response commands in your KMSAT console. For example, the XGEN SOAR platform can identify high-risk users who fail Phishing Security Tests (PSTs) by analyzing their phishing campaign results and Phish-prone Percentage. Then, the platform can trigger automatic updates to the users’ Risk Scores in your KMSAT console.
When you set up your integration, you will be able to customize your commands and connections. Commands are the actions available within an integration. Connections are the credentials added for an integration. Setting up commands and connections will allow you to customize workflows for this integration. You can also configure additional connection parameters if you would like.
To learn more about the types of integrations that D3 Security offers, visit their website.
Connecting Your KMSAT Console to the XGEN SOAR Platform
To connect your KMSAT console to the XGEN SOAR platform, follow the steps below:
- Log in to your D3 Security XGEN SOAR admin console.
- From the sidebar on the left side of the page, click the Integrations tab.
- Enter “KnowBe4” in the Integrations search bar.
- From the list of results, select a built-in integration. You can click the arrow icon next to the built-in integration to view a list of available actions for the integration.
- Once you have selected the integration, click the +New Connection button. When you click this button, the New Connection pop-up window will open.
- In the New Connection pop-up window, enter your credentials. Include the Server URL, a username and password, and the API Token. For the API Token, use the User Event API token found in your KMSAT Account Settings. See our How to Edit Your Account Settings article for more information.
Note: Reporting API access must be enabled in your KMSAT console. In your KMSAT Account Settings, select the Enable Reporting API Access check box, then click Save Changes. Refresh the page to confirm that the changes were saved, then copy the API Token.
In the pop-up window, click Test Connection to confirm that your API connection is successful, then click +Add.
After the API connection is tested and the integration is added, you can use the built-in commands in your workflows.
For details about the recommended commands for the integration with your KMSAT console, see the table below:
|Command Name||Display Name||Command Description|
|getUserPSTResults||Get User PST Results||
This command retrieves the details about a specific user’s Phishing Security Test (PST) results, based on the provided PST identifier (PST ID) and the recipient identifier (Recipient ID).
Get User Risk Score History
This command gets the Risk Score change history for the specific user.
This command retrieves a list of all active groups or a specific group in the current user’s KnowBe4 account.
|listGroupUsers||List Group Users||
This command retrieves a list of all users in the specific group.
|listPhishingSecurityTests||List Phishing Security Tests||
This command retrieves a list of all Phishing Security Tests (PSTs) in your organization’s KMSAT account.
|listTrainingCampaigns||List Training Campaigns||
This command retrieves a list of all training campaigns in your organization’s KMSAT account.
This command retrieves a list of all users or a specific user in the current admin’s KnowBe4 account.
This command allows you to perform a health check on an integration connection. You can schedule a periodic health check by selecting Connection Health Check when editing an integration connection.
For more information about the XGEN SOAR integration, ask your D3 Security account manager for a general integration guide.