# Check Point Avanan

Check Point Avanan is a cloud email and collaboration security platform that protects Microsoft 365, Google Workspace, and connected SaaS apps against phishing, business email compromise, malware, and account takeover. Connecting Check Point Avanan forwards email security alerts to Radiant Security via webhook. Radiant uses these alerts to surface user-targeted attacks during AI triage, correlating mailbox activity with identity, endpoint, and network signals already in the pipeline.

### Prerequisites

* [ ] Administrator access to the Avanan Portal
* [ ] Administrator role in Radiant Security

### Add the data connector in Radiant Security

1. Log in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, select **Settings** > **Data Connectors** and click **+ Add Connector**.
3. Search for and select **Checkpoint Avanan Webhook**, then click **Data Feeds**.
4. Under **Select your data feeds**, select **Checkpoint Avanan webhook** and click **Credentials**.
5. In the **Credential Name** field, enter an identifiable name (e.g., `Avanan webhook credentials`).
6. In the **Connector tag** field, enter any string. Radiant uses this value as salt when generating the authentication token for your connector.
7. Click **Add Connector**.
8. On the **Data Connectors** page, find the new connector and click **View Details**. Under **Vendor Configuration**, copy and save the **Webhook URL**. You will paste it into the Avanan Portal in the next section.

### Configure Check Point Avanan to forward security events

1. Log in to the Avanan Portal.
2. Navigate to **Security Settings** > **Security Engines**.
3. Under **SIEM Integration**, click **Configure**.
4. Under **Transport Method**, select **HTTP Collector**.
5. In the URL field, paste the **Webhook URL** you copied from Radiant Security.
6. Under **Log Format**, select **JSON**.
7. Click **Save**.

### Verify ingestion

After Check Point Avanan forwards its first batch, confirm alerts are flowing into Radiant.

1. In Radiant, navigate to [Log Management](https://app.radiantsecurity.ai/logs).
2. Filter by `rs_connectorType:"avanan_webhook"`.
3. Confirm recent alerts from Check Point Avanan appear in the parsed index.

{% hint style="info" %}
**Note:** Allow several minutes for alerts to be parsed, indexed, and available for search after Check Point Avanan begins forwarding.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/check-point-avanan.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.