- 26 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Cofense Intelligence
- Updated on 26 Mar 2025
- 1 Minute to read
- Print
- DarkLight
Cofense Intelligence streamlines the identification and management of phishing threats by providing actionable insights and real-time alerts across your email security landscape. For detailed information, please refer to the Cofense website.
Integration Method: API
Tables: Detection Finding (2004)
The integration supports the following events.
Event | Description |
---|---|
Threats | The API enables users to search for specific threats, returning confirmed Cofense Intelligence or Cofense Credential Phish threats, while also retrieving a list of all vulnerabilities. |
This integration supports the following versions.
Cofense Intelligence Version Supported | 1.0.7 |
Cofense Intelligence API version | v1 |
Prerequisites
The user should have access to the Cofense Intelligence portal with an account that has Global Administrator privileges.
The user should have access to the DataBee console.
Configuration Overview
Create an API Token from Cofense Intelligence platform to access the APIs.
Create Cofense Intelligence data feed in the DataBee console with the required Client credentials.
DataBee Parameter
Cofense Intelligence Parameter
Username
Username
Password
Password
Cofense Intelligence Configuration
Create an API Token
Log on to Cofense Intelligence portal with an account that has the Administrator privileges.
Navigate to the API Tokens tab and click on Create New Token.
The “Create New API Token” dialog box will open. Enter the ‘Token Name’ and click Create.
Once the API token is created, a dialog box will open displaying the User Name and Password. Copy these credentials.
Note:
Please ensure that you copy the username and password as this will be visible only once.
Databee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the Cofense Intelligence and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: Basic
Username: paste Username generated earlier in the Cofense Intelligence portal.
Password: paste Password generated earlier in the Cofense Intelligence portal
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
If you encounter an Invalid client or Unauthorized client error, it may be due to incorrect credentials. Please double-check that the username and password are entered correctly. To avoid any issues, consider pasting it into a text editor to ensure there are no extra spaces or unexpected characters before reconfiguring the DataBee feed.