Integrating Proofpoint with SecurityCoach
In this article, you will learn how to integrate Proofpoint’s Email Security and Protection product with SecurityCoach. Once the integration is complete, data provided by Proofpoint will be available for use under the SecurityCoach tab of your KMSAT console. This data can be viewed in SecurityCoach reports and used to create detection rules for real-time coaching campaigns. For general information about SecurityCoach, see our SecurityCoach Product Manual
Click the links below to learn how to integrate Proofpoint with SecurityCoach.
Obtain Your Proofpoint Client ID and API Key
Before you set up the integration in your KMSAT console, you will need to obtain your Proofpoint Client ID and API key. Proofpoint uses a service principal and secret to authenticate to the SIEM API.
To obtain these items, follow the steps below:
- Log in to your Proofpoint console and navigate to the Threat Insight Dashboard.
- Find the settings page.
- Locate your Client ID and API Key and save them to a place that you can easily access. You will need these items to complete the integration setup in the Set Up the Integration in Your KMSAT Console section of this article.
Set Up the Integration in Your KMSAT Console
Once you have your Proofpoint Client ID and API key, you can set up the integration in your KMSAT console. To register Proofpoint with SecurityCoach in your KMSAT console, follow the steps below:
- Log in to your KMSAT console and navigate to SecurityCoach > Setup > Security Integrations.
- Locate Proofpoint and click Configure.
- Enter the Client ID and the API Key.
- Click Authorize.
If no errors display, you successfully integrated Proofpoint with SecurityCoach and you can create detection rules for this vendor.