Mailgun Integration
2023/12
Overview
Many organizations elect to trigger an email notification or email-based workflow when the Oort security platform has a new finding or actionable alert. Please see the Example Use Case - Mailgunsection below for more details.
Up to this point, this email would come from the Oort.io domain. For a more flexible seamless process, Oort has introduced the ability to configure several of the top mail providers.
In the integrations tab, there is a new section for βEmailβ, which includes options to set up integrations for your own Mailgun service.
Prerequisites
This article assumes that your organization has a Mailgun implementation and you have necessary admin rights to configure it.
Mailgun Configuration
The Oort integration contains the following fields:
Name - this is a display name in the Oort UI for the integration
Description - optional
From Address - an email address that exists on the verified domain
Base URL - API base URL, corresponding to your geographic region, e.g. https://api.mailgun.net, https://api.eu.mailgun.net/ - please see this article https://documentation.mailgun.com/en/latest/api-intro.html#base-url
Domain - this should be a verified Mailgun domain, as explained in https://help.mailgun.com/hc/en-us/articles/360026833053-Domain-Verification-Walkthrough
Default email service (toggle) - enable this option to make this email integration the default provider from which email notifications will be sent
API Key - An API key (secret), as explained in https://help.mailgun.com/hc/en-us/articles/203380100-Where-Can-I-Find-My-API-Key-and-SMTP-Credentials-
Test Connectivity - Mailgun
After the integration is created, you can test connectivity to the service using the 3-dot menu option on the integration row and select Test Connectivity -
Example Use Case - Mailgun
Organizations may find that their users are connecting to corporate systems and applications while using personal 3rd party VPN services like NordVPN or ExpressVPN, or less reputable ones than that. This is a bad security practice and many companies prohibit this within their acceptable use policy.
Oort surfaces personal VPN usage in the Personal VPN Usagecheck. Using the check settings menu, you can configure Oort to send email messages to users (or their managers, if defined in the primary IDP), informing them of this policy violation.
With the Mailgun integration configured above and set to Default Email Service, this email will now originate via Mailgun from the sending From address list.
You can also customize the message sent to the end user per Check.
Last updated
