Agari Phishing defense is a cloud-based service that protects employees against phishing and Business Email Compromise (BEC) attacks.
The Devo Agari Phishing Defense integration collects data from the Agari API and ingests it into Devo where it is made available for analysts to query.
Data source description
The following data is ingested into Devo:
Data source
Description
API endpoint
Devo table
Message
Metadata about email messages processed by the Agari service.
/v1/ep/messages
mail.agari.phishing_defense.messages
Policy events
Details on policy events triggered by the Agari service.
/v1/ep/policy_events
mail.agari.phishing_defense.policy_events
Configuration
In order to configure the Devo Agari Phishing Defense integration you need to:
Log in to your Agari product.
Click on your username in the upper right and select Settings.
Click on the Generate API Secret link to generate an API client_id and client_secret (the link will read Regenerate API Secret if you have already generated an API client ID/secret previously).
Copy both the client_id and client_secret that are generated and store them somewhere safe.
Keep your client_id and client_secret secure.
API clients can use your client_id and client_secret to gain access to the APIs as your user. Keep these values somewhere safe and secure. Never share them with anyone.
For security purposes, the client_secret will not be displayed again, however, you can generate a new one whenever needed by following the steps above.