SecurityIQ Just-in-Time Training for Symantec

Introduction

These instructions will help you integrate your SecurityIQ (SIQ) platform with your Symantec Endpoint Protection Cloud (SEPC) account. The integration will allow your organization to provide security awareness training to employees based on the employees’ involvement in security-related events. Your employees will get this training automatically as these events occur.  

Symantec has several products that include an API (e.g. Symantec Data Loss Prevention Detection, Symantec™ Endpoint Protection Manager). These products accomplish different things and their APIs function differently. Currently, SIQ integrates with Symantec Endpoint Protection Cloud. If you would like to integrate with any other product, please contact your customer success manager or sales representative.

Before You Start

Before you get started, you will need access to the following: your SEPC account and the ability to authorize new applications within both this account and your SIQ account. You will also need the SecurityIQ Symantec Integration toolset. If you do not have the SecurityIQ toolset, please contact your client success manager. Your client success manager will provide you with the tool set and an SIQ API Key.  

How It Works

The SecurityIQ Symantec Integration toolset accesses the events in your SEPC via the API. These events will be displayed in SecurityIQ Symantec Integration toolset. The toolset will allow you to make rules that automatically enroll learners into SIQ security awareness trainings, based on the rules you make via the SIQ API.

Remember: Only SEPC events associated with a user email will be visible in the SecurityIQ Symantec Integration toolset. Learners are enrolled in existing awareness campaigns, and only existing learners can be enrolled in campaigns. The SEPC user email must match an email in your SIQ platform for an enrollment to take place.

The SEPC and SIQ API are currently in development, so all functionality is subject (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by InfoSec Resources. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/7G6CVa363K8/