In this guide, you’ll learn how to set up SecurityCoach in four easy steps. By following these steps, you can start detecting risky activity and coach your users in real time.
As you complete each step, you can mark it as complete in the SecurityCoach Setup section of your dashboard. To view your dashboard, navigate to SecurityCoach > Dashboard.
If you would like more detailed instructions, see our SecurityCoach Product Manual.
Step One: Integrate Vendors
SecurityCoach is integrated automatically with KSAT, but you can also set up integrations with your other security vendors. Once you set up these integrations, you can begin monitoring for risky activities using the data from your security vendors.
To set up your security vendor integrations, click Integrate Vendors on the SecurityCoach Setup task list or navigate to SecurityCoach > Setup > Security Vendor Integrations. Then, configure the integrations that you would like to use in your organization. For detailed instructions on setting up vendor integrations, see our Vendor Integration Guides.
Step Two: Add Delivery Method (Optional)
Next, we recommend setting up a delivery method to send SecurityTips to your users. SecurityTips include a notification and content to coach your users about risky activity and how to avoid it in the future.
Email is automatically available as a delivery method. However, we recommend adding Slack, Microsoft Teams, or Google Chat to coach your users where they communicate most.
To get started, click Add Delivery Method on the SecurityCoach Setup task list or navigate to SecurityCoach > Setup > Delivery Setup. Then, select the delivery method you would like to set up. For detailed instructions, see our Slack Integration Guide for SecurityCoach, Microsoft Teams Integration Guide for SecurityCoach, or Google Chat Integration Guide with SecurityCoach.
Step Three: Review Rule Detections (Optional)
SecurityCoach provides system detection rules for each security vendor. Detection rules identify what risky activity you would like to track using the data provided by your integrated vendors.
These detection rules are enabled automatically, but you can also create custom detection rules if needed. For more information about detection rules, see our Creating and Managing Detection Rules article.
We recommend reviewing your top detection rules so that you prioritize what risky activities to target with your real-time coaching campaigns.
You can review your top 10 detection rules in the Detection Rules Report. To view this report, click Review Detection Rules on the SecurityCoach Setup task list or navigate to SecurityCoach > Reports > Detection Rules Report > View Report. For more information, see our SecurityCoach Reporting Overview article.
Step Four: Create a Real-Time Coaching Campaign
Finally, you can create a real-time coaching campaign. Real-time coaching campaigns send SecurityTips to users when risky activity is detected on their devices.
To create a real-time coaching campaign, click Create Real-Time Coaching Campaigns on the SecurityCoach Setup task list or navigate to SecurityCoach > Real-Time Coaching. On the Real-Time Coaching page, you can create real-time coaching campaigns based on our recommendations or create your own custom real-time coaching campaigns.
For more information about setting up real-time coaching campaigns, see our Creating and Managing Real-Time Coaching Campaigns article.