SendGrid Integration

2023/12

Overview

Many organizations elect to trigger an email notification or email-based workflow when the Identity Intelligence security platform has a new finding or actionable alert. Please see the Example Use Case - SendGridsection below for more details.

Up to this point, this email would come from a cisco.com domain. For a more flexible seamless process, Identity Intelligence has introduced the ability to configure several of the top mail providers.

In the Integrations tab, there is a new section for “Email”, which includes options to set up integrations for your own SendGrid service.

Prerequisites

This article assumes that your organization has a Sendgrid implementation and you have necessary admin rights to configure it.

SendGrid Configuration

Go to the Integrations tab and select Add Integration
Scroll to the Email section and select the SendGrid Integration
Fill in the following fields and click Save when completed:

Name - this is a display name in the Identity Intelligence UI for the integration
Description - optional
From Address - this can take the form of either of the following:
- An email address on an authenticated domain as explained in https://docs.sendgrid.com/ui/account-and-settings/how-to-set-up-domain-authentication
- A verified Single Sender Identity as explained in https://docs.sendgrid.com/ui/sending-email/sender-verification
Default email service (toggle) - enable this option to make this email integration the default provider from which email notifications will be sent
API Key - Create an API Key as described in this article, with Full Access.

Test Connectivity

After the integration is created, you can test connectivity to the service using the 3-dot menu option on the integration row and select Test Connectivity.

Example Use Case - SendGrid

Organizations may find that their users are connecting to corporate systems and applications while using personal 3rd party VPN services like NordVPN or ExpressVPN, or less reputable ones than that. This is a bad security practice and many companies prohibit this within their acceptable use policy.

Identity Intelligence surfaces personal VPN usage in the Personal VPN Usage check. Using the check settings menu, you can configure Identity Intelligence to send email messages to users (or their managers, if defined in the primary IDP), informing them of this policy violation.

With the SendGrid integration configured above and set to Default Email Service, this email will now originate via SendGrid from the sending From address list.

You can also customize the message sent to the end user per Check via the Check Settings.

PreviousSalesforce Integration NextServiceNOW Integration

Last updated 8 days ago