Check Point Avanan

Connect Check Point Avanan to Radiant Security to forward email security alerts for AI triage.

Check Point Avanan is a cloud email and collaboration security platform that protects Microsoft 365, Google Workspace, and connected SaaS apps against phishing, business email compromise, malware, and account takeover. Connecting Check Point Avanan forwards email security alerts to Radiant Security via webhook. Radiant uses these alerts to surface user-targeted attacks during AI triage, correlating mailbox activity with identity, endpoint, and network signals already in the pipeline.

Prerequisites

Add the data connector in Radiant Security

  1. Log in to Radiant Security.

  2. From the navigation menu, select Settings > Data Connectors and click + Add Connector.

  3. Search for and select Checkpoint Avanan Webhook, then click Data Feeds.

  4. Under Select your data feeds, select Checkpoint Avanan webhook and click Credentials.

  5. In the Credential Name field, enter an identifiable name (e.g., Avanan webhook credentials).

  6. In the Connector tag field, enter any string. Radiant uses this value as salt when generating the authentication token for your connector.

  7. Click Add Connector.

  8. On the Data Connectors page, find the new connector and click View Details. Under Vendor Configuration, copy and save the Webhook URL. You will paste it into the Avanan Portal in the next section.

Configure Check Point Avanan to forward security events

  1. Log in to the Avanan Portal.

  2. Navigate to Security Settings > Security Engines.

  3. Under SIEM Integration, click Configure.

  4. Under Transport Method, select HTTP Collector.

  5. In the URL field, paste the Webhook URL you copied from Radiant Security.

  6. Under Log Format, select JSON.

  7. Click Save.

Verify ingestion

After Check Point Avanan begins forwarding, confirm alerts are reaching Radiant.

  1. In Radiant, navigate to Log Management.

  2. Filter by rs_connectorType:"avanan_webhook".

  3. Confirm recent alerts appear.

Allow several minutes for alerts to be parsed, indexed, and available for search.
