Menu English (US) Čeština Dansk Deutsch Español (Latinoamérica) Español (España) Suomi Français (Canada) Français (France) हिंदी Magyar Bahasa Indonesia Italiano 日本語 한국어 Bahasa Melayu Nederlands Norsk Polski Português do Brasil Português (Portugal) Română Русский svenska ไทย Türkçe Українська Tiếng Việt 简体中文 繁體中文

Sophos Integration Guide for SecurityCoach

Updated:

Created:

Integrating Sophos with SecurityCoach

In this article, you will learn how to integrate Sophos' Endpoint Security with SecurityCoach. Once you set up this integration, data provided by Sophos will be available under the SecurityCoach tab of your KMSAT console. This data can be viewed in SecurityCoach reports and used to create detection rules for real-time coaching campaigns. For general information about SecurityCoach, see our SecurityCoach Product Manual.

Click the links below to learn how to integrate Sophos with SecurityCoach.

Jump to:
Create Your Sophos API Token
Set Up the Integration in Your KMSAT Console

 

Create Your Sophos API Token

Before you can set up this integration in your KMSAT console, you will need to create a Sophos API token in your Sophos console.

To create your API token, follow the steps below:

  1. Log in to your Sophos console as a super admin.
  2. Navigate to Global Settings > API Token Management.
  3. Click Add token at the top-right corner of the page.
  4. Select a token name and click Save.

After you click Save, you will be able to view the API Access URL + Headers and the Token Expiry Date in the API Token Summary section of the page.

Note: Sophos will send you a reminder when your token is about to expire, based on the token expiry date displayed in this section.

Back to top

 

Set Up the Integration in Your KMSAT Console

Once you have created your Sophos API key, you can set up the integration in your KMSAT console. To set up the integration in your KMSAT console, follow the steps below:

  1. Log in to your KMSAT console and navigate to SecurityCoach > Setup > Security Vendor Integrations.
  2. Locate the Sophos card and click Configure.
  3. In the API Access URL + Headers and the Token Expiry Date fields, enter the information that displays in the API Token Summary section of your Sophos console. For more information, see the Create Your Sophos API Token section above.Sophos Configuration
  4. Click Authorize.

Once you’ve successfully authorized this integration, you can manage detection rules for Sophos on the Detection Rules subtab of SecurityCoach. For a full list of available system detection rules for this vendor, see our Which Detection Rules Can I Use with My Vendors? article.

Back to top

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.

Related articles