Configure Cloud Security - SaaS Alerts

Access SaaS Alert threats on your RocketCyber dashboard

Overview

The SaaS Alert App is designed to retrieve all threat data from the SaaS Alert dashboard. It is designed to operate across all sites within your SaaS Alert dashboard. 

Required Permissions

The account that you log on to the SaaS Alert dashboard and generate the API Access Token with must have access to the threat data. 

Note: Please make sure that SaaS Alerts app is enabled in the App store before proceeding.

How to Set Up

Step 1:

Inserting Web receiver URL

  • Log into the SaaS Alert dashboard.
  • From the left side navigation pane go to Settings and select API and navigate to the API tab.

Here under the API tab, you will be inputting the Rocketcyber web receiver URL. The web receiver URL tells SaaS Alerts that we are allowed to create a subscription link for your account and let’s SaaS Alerts know that this URL will be expecting webhook alerts.

 

saas_alerts_user_and_partner_button.png

Click the Show Partner ID Button - This will reveal your unique SaaS Alerts Partner ID

saas_alerts_user_and_partner_id_values.png

Click the Copy to Clipboard Icon next to the Partner ID Value.

In the next step you will append this Partner ID Value to the web hook URL. Replace YourSaasAlertsPartner ID with the value from the Partner ID Field

 

Under Webhook API, select the + right next to Partner Domains and enter the following URL:

  • If US customer:
    • web-receiver.us.rocketcyber.com/api/saasAlerts/YourSaaSAlertsPartnerID
  • If EU customer
    • web-receiver.eu.rocketcyber.com/api/saasAlerts/YourSaasAlertsPartnerID

*Note you only need to add one URL, not both, based on your location.

Select Add

Under the Partner Domains you should now see either the US or EU (depending on your region) web receiver URL.

 

Step 2:

Locating your API Key:

  • From the Settings > API tab select the green button Show Api Key.

After selecting, Show Api Key, an API key will be generated. Copy your API key either by highlighting over it and selecting Copy -OR- by selecting the button on the right next to the textbox.

 

 

Step 3:

Copying API key into Rocketcyber

Once you have copied your API key, navigate back to the Rocketcyber dashboard.

Navigate to Integration > Cloud Security > API and paste your API Key inside the API Key textbox.

Then, select Authenticate.

 

Step 4:

Pulling Tenants

If your API key has successfully authenticated, select Pull Tenants.

*Note if your authentication failed and you received an error, please make sure that you copied the correct API key. You may also re-generate the API key within the SaaS alerts portal.

 

Step 5:

Customer Mapping

Map customers accordingly to ensure detection are routed to the correct organization. After customer mapping has been completed, select Save Map.

Congratulations! Your SaaS Alerts will now be delivered directly to your RocketCyber Dashboard under the SaaS Alerts application.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section