In this article, you'll learn how to integrate Netskope’s Next Gen Secure Web Gateway (SWG) with SecurityCoach. Once the integration is complete, data provided by Netskope will be available for use in the SecurityCoach tab of your KSAT console. This data can be viewed in SecurityCoach reports and used to create detection rules for real-time coaching campaigns. For general information about SecurityCoach, see our SecurityCoach Product Manual.

Setting Up the Integration in Netskope

Before setting up this integration in your KSAT console, you'll need to create a Netskope API token in your Netskope console and obtain your tenant name. For more information, see the sections below.

Create Your API Token

To create an API token for Netskope, follow the steps below:

1. Log in to your Netskope portal.
2. Navigate to Settings > Administration > Administrators & Roles.

3. Select the Roles subtab.

   

4. Select the New button. A New Role window will pop up.

5. To configure the New Role window, see the screenshots and list below:

   

   

   1. Role Name: Enter your preferred name for this role. We recommend the name "KnowBe4 API Role".
   2. Role Short Description: Enter your preferred description for this role.
   3. Events and Analytics: Select this checkbox and ensure it is enabled.
   4. Scope IT: Further down in the window, under Scope IT > Alerts, enable the View permission.
6. Select Save to save your changes and create the new role.
7. Navigate to Settings > Administration > Administrators & Roles.

8. Select the Administrators subtab.

   

9. Select Service Account. A New Service Account window will pop up.

   

10. To configure the New Service Account window, see the screenshot and list below:

    

    1. Service Account Name: Enter your preferred name for the service account. We recommend "KnowBe4 Service Account".
    2. Role: Select the name of the role you created earlier in the New Role window.
    3. REST API Token: Select Generate token now with expiry and set your preferred API token expiration date. We recommend selecting 12 Months.
11. In the top-right corner of the window, select Create to save your changes and generate the API token. A Success window will pop up.

12. Select Copy Token to copy your API Token. Make sure to save your copied API token somewhere that you can easily access. You'll need this token when you complete the integration in the Set Up the Integration in KSAT section below.

    Warning:The API token will not be shown again after you close the Success window.

Obtain Your Tenant Name

To obtain your Netskope tenant name, look at your Netskope portal URL. Typically, your tenant name will be at the beginning of the URL, and the URL will be in the following format:

<tenant-name>.goskope.<rest-of-url>

Make sure to save your tenant name to a place that you can easily access later. You'll need your tenant name to complete the integration setup in the Setting Up the Integration in KSAT section below.

Setting Up the Integration in KSAT

To set up the integration in your KSAT console, follow the steps below:

1. Log in to your KSAT console.
2. Navigate to SecurityCoach > Setup > Security Vendor Integrations.
3. Locate Netskope and select Configure Integration.

4. Enter your Tenant Name and API Token in the corresponding fields.

   

5. Select Authorize.

Map Your Users

After you’ve finished integrating Netskope, we recommend mapping your users through mapping rules or through a CSV file upload. For more information about user mapping, see our Map Users in SecurityCoach article.

Once you’ve successfully authorized this integration, you can manage detection rules for Netskope in the SecurityCoach > Detection Rules subtab.h. For a full list of available system detection rules for this vendor, see our System Detection Rules by Vendor article.