SendGrid Integration
2023/12
Overview
Many organizations elect to trigger an email notification or email-based workflow when the Oort security platform has a new finding or actionable alert. Please see the Example Use Case - SendGridsection below for more details.
Up to this point, this email would come from the Oort.io domain. For a more flexible seamless process, Oort has introduced the ability to configure several of the top mail providers.
In the integrations tab, there is a new section for “Email”, which includes options to set up integrations for your own SendGrid service.
Prerequisites
This article assumes that your organization has a Sendgrid implementation and you have necessary admin rights to configure it.
SendGrid Configuration
The Oort integration contains the following fields:
Name - this is a display name in the UI for the integration
Description - optional
From Address - this can take the form of either of the following:
An email address on an authenticated domain as explained in https://docs.sendgrid.com/ui/account-and-settings/how-to-set-up-domain-authentication
A verified Single Sender Identity as explained in https://docs.sendgrid.com/ui/sending-email/sender-verification
Default email service (toggle) - enable this option to make this email integration the default provider from which email notifications will be sent
API Key - Create an API Key as described in this article, with Full Access.
Test Connectivity
After the integration is created, you can test connectivity to the service using the 3-dot menu option on the integration row and select Test Connectivity -
Example Use Case - SendGrid
Organizations may find that their users are connecting to corporate systems and applications while using personal 3rd party VPN services like NordVPN or ExpressVPN, or less reputable ones than that. This is a bad security practice and many companies prohibit this within their acceptable use policy.
Oort surfaces personal VPN usage in the Personal VPN Usagecheck. Using the check settings menu, you can configure Oort to send email messages to users (or their managers, if defined in the primary IDP), informing them of this policy violation.
With the SendGrid integration configured above and set to Default Email Service, this email will now originate via SendGrid from the sending From address list.
You can also customize the message sent to the end user per Check.
Last updated