This integration allows CanIPhish to continuously stream security awareness training and simulated phishing data to an endpoint of your choosing through a real-time webhook.
Table of contents:
Webhook Overview
CanIPhish offers webhook support to provide a seamless integration between our phishing simulation and security awareness training platform and your existing systems. With webhooks, you can automatically send real-time data about simulated phishing events, and user training progress to any endpoint of your choosing. This allows you to streamline workflows, enhance reporting, and ensure that your organization’s security awareness program is fully integrated with your preferred tools and platforms.
Webhook Setup
To setup CanIPhish's webhook integration, please follow the below steps:
1. Login to your CanIPhish Account.
2. Traverse to the Integrations page: Platform Settings> Integration Settings
3. Click the Configure button on the Webhook Integration row:
4. Provide the endpoint that the webhook should push information to. This endpoint will need to support inbound HTTPS connections and all information will be sent as a JSON formatted payload.
5. Select what information you would like CanIPhish to send by enabled or disabling certain Phishing and Training event triggers.
6. Optionally specify a custom header name and value to be included in all webhook events.
7. Activate the webhook!
8. Test the webhook works by sending test events. You can preview what the JSON formatted payload looks like by using the "Preview Event" dropdown. Select your preferred event and then click the "Send Test Event" button to trigger an example event which will get sent to your webhook endpoint.
Webhook Triggers
Currently, CanIPhish supports 8 individual webhook event triggers. These events and an explanation of what causes them to trigger is outlined below:
- Phishing - Email Reported: This event is triggered when an employee reports a suspected phishing email (this includes both simulated and non-simulated phishing emails that are reported).
- Phishing - Payload Clicked: This event is triggered when an employee clicks a phishing link embedded within a simulated phishing email.
- Phishing - Employee Compromised: This event is triggered when an employee is compromised by a simulated phishing email. This could be through entering credentials on a simulated phishing website, opening a simulated phishing attachment on their computer, or providing sensitive information as part of a conversational phishing attack.
-
Phishing - Delivery Failed: This event is triggered when a simulated phishing email fails to deliver for any reason. Potential failure reasons include:
- "Failure - Domain Not Verified"
- "Failure - Email Quota Exceeded"
- "Failure - Connection To SMTP Server Was Rejected"
- "Failure - Email Bounced"
- "Failure - Authentication To Microsoft Unsuccessful"
- "Failure - Employee Not Found In Microsoft 365"
- "Failure - Employee Not Found In Google Workspace"
- "Failure - Unspecified"
- Training - Assignment Complete: This event is triggered when an employee completes an assigned training module.
- Training - Assignment Overdue: This event is triggered when an employee fails to complete a training module by the specified due date.
-
Training - Assignment Error: This event is triggered when a training module is unable to be assigned for any reason. Potential error reasons include:
- "Error - Maximum Quota Hit"
- "Error - Domain Not Verified"
- "Error - Pending Assignment"
Note: The "Error - Pending Assignment" error occurs when a new employee is synced into a campaign but is unable to be assigned training due to either the quota being hit or the domain associated to their email address being unverified.
- Training - Assignment Failed: This event is triggered when an employee attempts a training assignment but fails to achieve a passing score for the given attempt (this event will trigger for each failure until a passing score is achieved).
Comments
0 comments
Please sign in to leave a comment.