Skip to content

Abnormal Email Security

Step 1: Access Abnormal Security Platform #

  1. Log in to Abnormal Security Dashboard:
    • Navigate to your Abnormal Security Management Dashboard.
    • Go to Settings > API Access.
  2. Enable API Access:
    • Ensure API access is enabled for your organization.
    • Verify that you have the necessary permissions to create API tokens.

Step 2: Generate API Credentials #

  1. Create API Token:
    • Navigate to Settings > API Access in your Abnormal Security dashboard.
    • Click “Generate New Token” or “Create API Key”.
    • Enter a descriptive name for the token (e.g., “SolCyber Integration”).
    • Select the appropriate permissions for threat data access:
      • threats:read - Read access to threat data
      • threats:list - List threats
      • threats:get - Get individual threat details
  2. Note API Credentials:
    • Copy the API Base URL and Access Token from the API settings.
    • These will be used in the SolCyber integration.
    • Store the access token securely as it cannot be retrieved again. You will need to provide this information to SolCyber.

Step 3: Configure Threat Data Access #

  1. Set up Threat Data Permissions:
    • Ensure your API token has access to the threat data you want to ingest.
    • Verify that threat data is being generated and is accessible via the API.
  2. Test API Connectivity:
    • Use Postman or cURL to test API requests to Abnormal Security.
    • Verify that you can successfully retrieve threat data using your credentials.

Step 4: Network Configuration #

  1. Whitelist Databahn IPs:
    • Add Databahn’s IP addresses to your Abnormal Security tenant’s allowed IPs if IP restrictions are enabled.
    • Contact Databahn support for the specific IP ranges.
  2. Configure Rate Limits:
    • Review and adjust API rate limits if necessary to accommodate your data ingestion needs.

Abnormal Security Integration Reference

External Documentation