Service description
Agari Phishing defense is a cloud-based service that protects employees against phishing and Business Email Compromise (BEC) attacks.
The Devo Agari Phishing Defense integration collects data from the Agari API and ingests it into Devo where it is made available for analysts to query.
Data source description
The following data is ingested into Devo:
Data source | Description | API endpoint | Devo table |
|---|---|---|---|
Message | Metadata about email messages processed by the Agari service. |
|
|
Policy events | Details on policy events triggered by the Agari service. |
|
|
Configuration
In order to configure the Devo Agari Phishing Defense integration you need to:
Log in to your Agari product.
Click on your username in the upper right and select Settings.
Click on the Generate API Secret link to generate an API
client_id and client_secret(the link will read Regenerate API Secret if you have already generated an API client ID/secret previously).Copy both the
client_idandclient_secretthat are generated and store them somewhere safe.
Keep your client_id and client_secret secure.
API clients can use your client_id and client_secret to gain access to the APIs as your user. Keep these values somewhere safe and secure. Never share them with anyone.
For security purposes, the client_secret will not be displayed again, however, you can generate a new one whenever needed by following the steps above.
Running the collector
This collector is hosted by Devo. To start using it, get in touch with us.