Use Case: Phishing

Phishing is one of the most common and critical threats our customers face. This quickstart guide walks you through the setting up the phishing use case in Radiant Security, ensuring that we're fully set up to begin triaging phishing and business email compromise (BEC) reports.

Prerequisites

Note: While Radiant can ingest and triage phishing reports without an action connector, configuring one allows you to automate containment, remediation, and other response workflows more effectively.

Enable your Domains

  1. Log in to Radiant Security.

  2. In the navigation menu, click Settings > Domains.

  1. Locate the list of domains synchronized from your email provider.

  2. For Status, toggle on each domain you want Radiant to monitor and triage for phishing.

Tip: Only enable domains that send or receive email relevant to your organization’s security posture.

Configure email forwarding

Choose one of the following methods to forward phishing emails and BEC reports into Radiant. Only one configuration is required, select the option that best fits your environment and solutions:

  1. Direct Office 365 Forwarding: Set up O365 to forward phishing emails to Radiant Security

  2. KnowBe4 on Office 365: Set up KnowBe4 on O365 to forward phishing emails to Radiant Security

  3. KnowBe4 on Chrome: Set up KnowBe4 on Chrome to forward phishing emails to Radiant Security

  4. Proofpoint PhishAlarm: Set up Proofpoint PhishAlarm to forward phishing emails to Radiant Security

Next steps

  1. Verify ingestion: Send a test phishing email to confirm Radiant ingests and triages it correctly.

  2. Review playbook: Customize or build playbooks under Workflows to automate containment and remediation actions for phishing alerts. More information can be found here.

  3. Monitor dashboards: Check the Incidents dashboard to see real-time phishing and BEC alerts triaged by Radiant.

PreviousQuickstartNextUser Management

Last updated