Configuring SaaS Alerts

Access SaaS Alert threats on your RocketCyber dashboard

Overview

The SaaS Alerts App is designed to retrieve all threat data from the SaaS Alert dashboard. It is designed to operate across all sites within your SaaS Alert dashboard.

Required Permissions

The account that you log onto the SaaS Alert dashboard and generate the API Access Token must have access to the threat data.

NOTE Please make sure that SaaS Alerts app is enabled in the App store before proceeding.

How to Set Up

Step 1: Inserting Web receiver URL

Log into the SaaS Alert dashboard.
From the left side navigation pane, go to Settings and select API and navigate to the API tab.

Here under the API tab, you will be inputting the Rocketcyber web receiver URL. The web receiver URL tells SaaS Alerts that we are allowed to create a subscription link for your account and let’s SaaS Alerts know that this URL will be expecting webhook alerts.

Click the Show Partner ID Button. This will reveal your unique SaaS Alerts Partner ID.

Click the Copy to Clipboard Icon next to the Partner ID Value.

In the next step you will append this Partner ID Value to the web hook URL. Replace YourSaasAlertsPartner ID with the value from the Partner ID Field.

Under Webhook API, select the + right next to Partner Domains and enter the following URL:

If US customer:
- web-receiver.us.rocketcyber.com/api/saasAlerts/YourSaaSAlertsPartnerID
If EU customer
- web-receiver.eu.rocketcyber.com/api/saasAlerts/YourSaasAlertsPartnerID

NOTE *Note you only need to add one URL, not both, based on your location.

Select Add.

Under the Partner Domains you should now see either the US or EU (depending on your region) web receiver URL.

Step 2: Locating your API Key

From the Settings > API tab select the green button Show Api Key.

An API key will be generated. Copy your API key either by highlighting it and selecting Copy -OR- by selecting the button on the right next to the textbox.

Step 3: Copying API key into Rocketcyber

Once you have copied your API key, navigate back to the Rocketcyber dashboard.

Select Integration > Cloud Security and paste your API Key inside the API Key text box.

Then, click Authenticate.

Step 4: Pulling Tenants

If your API key has successfully authenticated, click Pull Tenants.

NOTE *If your authentication failed and you received an error, please make sure that you copied the correct API key. You may also re-generate the API key within the SaaS alerts portal.

Step 5: Customer Mapping

Map customers accordingly to ensure detections are routed to the correct organization. Select Save Map.

Congratulations! Your SaaS Alerts will now be delivered directly to your RocketCyber Dashboard under the SaaS Alerts application.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.