In this article, you will learn how to integrate Sophos endpoint security with SecurityCoach. Once you set up this integration, data provided by Sophos will be available under the SecurityCoach tab of your KSAT console. This data can be viewed in SecurityCoach reports and used to create detection rules for real-time coaching campaigns. For general information about SecurityCoach, see our SecurityCoach Product Manual.
To set up the Sophos integration with SecurityCoach you’ll need Sophos API credentials from your Sophos console and then enter the credentials in your KSAT console.
Set Up the Integration in Your Sophos Console
- Log in to your Sophos console.
- Navigate to Global Settings > API Credentials Management.
- Click Add Credential.
- In the Add credential pop-up window, enter a Credential name for your integration, such as “KnowBe4 Integration”.
- Enter a Description for your integration, such as “KnowBe4 Sophos Integration”.
- In the Role drop-down menu, select Service Principal ReadOnly.
- Click Add.
- On the API credential summary page, copy and save your Client ID and Client Secret in a place you can easily access. You’ll need these credentials to complete the integration.
Set Up the Integration in Your KSAT Console
Once you have copied your API credentials from your Sophos account, you can set up the integration in your KSAT console. To integrate Sophos in your KSAT console, follow the steps below.
- Log in to your KSAT console and navigate to SecurityCoach > Setup > Security Vendor Integrations.
- Locate the Sophos card and click Configure.
- Enter the Client ID and Client Secret that you saved in your Set Up the Integration in Your Sophos Console section of this article.
- Click Connect.
Map Your Users
After you’ve finished integrating Sophos, you can map your users either through mapping rules (recommended) or through a CSV file upload. For more information about user mapping, see our Mapping Users in SecurityCoach article.
Once you’ve successfully authorized this integration, you can manage detection rules for Sophos on the Detection Rules subtab of SecurityCoach. For a full list of available system detection rules for this vendor, see our Which Detection Rules Can I Use with My Vendors? article.