Fortinet black logo

Silverfort v1.0.0

1.0.0
Copy Link
Copy Doc ID c298e286-a608-11ed-8e6d-fa163e15d75b:502

About the connector

Silverfort delivers adaptive authentication across all corporate networks and cloud environments from a unified platform.

This document provides information about the Silverfort connector, which facilitates automated interactions, with a Silverfort server using FortiSOAR™ playbooks. Add the Silverfort Connector as a step in FortiSOAR™ playbooks and perform automated operations such as updating details about the risk associated with a specific resource in Silverfort, retrieving details about the risk associated with a specific user from Silverfort, etc.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.

You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-silverfort

Prerequisites to configuring the connector

  • You must have the URL of the Silverfort server to which you will connect and perform automated operations and the user ID and user secret that is used to create an authentication token required to access the API.
  • The FortiSOAR™ server should have outbound connectivity to port 443 on the Silverfort server.

Minimum Permissions Required

  • Not Applicable

Configuring the connector

For the procedure to configure a connector, click here.

Configuration parameters

In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Silverfort connector card. On the connector popup, click the Configurations tab to enter the required configuration details.

Parameter Description
Server URL Specify the URL of the Silverfort server to which you will connect and perform the automated operations.
User ID Specify the User ID that you have created on Silverfort, which is used to create an authentication token required to access the API.
User Secret Specify the User Secret that is used to create an authentication token required to access the API.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™:

Function Description Annotation and Category
Get User Risk Retrieves details about the risk associated with a specific user from Silverfort based on the user identification you have specified. get_user_risk
Investigation
Get Resource Risk Retrieves details about the risk associated with specific a resource from Silverfort based on the resource name and domain you have specified. get_resource_risk
Investigation
Update User Risk Updates details about the risk associated with a specific user in Silverfort based on the user identification, risk name, severity, and other input parameters you have specified. update_user_risk
Investigation
Update Resource Risk Updates details about the risk associated with a specific resource in Silverfort based on the resource name, domain name, risk name, severity, and other input parameters you have specified. update_resource_risk
Investigation

operation: Get User Risk

Input parameters

Parameter Description
User Identification

Select one of the methods of user identification using which you can retrieve the details from Silverfort about the risk associated with the specific user. You can choose between the following options: 'User Principal Name' (Default), Email & Domain, or SAM Account & Domain.

  • If you choose 'User Principal Name', then in the User Principal Name field specify the 'User Principal Name' for which you want to retrieve the risk details from Silverfort.
  • If you choose 'Email & Domain', then specify the following input parameters:
    • Email: Specify the email for which you want to retrieve the risk details from Silverfort.
    • Domain: Specify the domain for which you want to retrieve the risk details from Silverfort.
  • If you choose 'SAM Account & Domain', then specify the following input parameters:
    • SAM Account: Specify the SAM Account for which you want to retrieve the risk details from Silverfort.
    • Domain: Specify the domain for which you want to retrieve the risk details from Silverfort.

Output

The output contains the following populated JSON schema:
{
"Silverfort": {
"UserRisk": {
"Reasons": [],
"Risk": "",
"UPN": ""
}
}
}

operation: Get Resource Risk

Input parameters

Parameter Description
Resource Name Specify the name of the resource for which you want to retrieve the risk details from Silverfort.
Domain Specify the domain of the resource for which you want to retrieve the risk details from Silverfort.

Output

The output contains the following populated JSON schema:
{
"Silverfort": {
"ResourceRisk": {
"Reasons": [],
"ResourceName": "",
"Risk": ""
}
}
}

operation: Update User Risk

Input parameters

Parameter Description
User Identification

Select one of the methods of user identification using which you can update the details about the risk associated with the specific user in Silverfort. You can choose between the following options: 'User Principal Name' (Default), Email & Domain, or SAM Account & Domain.

  • If you choose 'User Principal Name', then in the User Principal Name field specify the 'User Principal Name' for which you want to update the details about the associated risk in Silverfort.
  • If you choose 'Email & Domain', then specify the following input parameters:
    • Email: Specify the email for which you want to update the details about the associated risk in Silverfort.
    • Domain: Specify the domain for which you want to update the details about the associated risk in Silverfort.
  • If you choose 'SAM Account & Domain', then specify the following input parameters:
    • SAM Account: Specify the SAM Account for which you want to update the details about the associated risk in Silverfort.
    • Domain: Specify the domain for which you want to update the details about the associated risk in Silverfort.
Risk Name Specify the name of the risk to be updated for the specific user in Silverfort.
Severity Specify the severity of the risk to be updated for the specific user in Silverfort.
Valid For Specify the time in hours for which the risk will be valid.
Description Specify the description of the risk to be updated for the specific user in Silverfort.

Output

The output contains the following populated JSON schema:
{
"status": "",
"message": ""
}

operation: Update Resource Risk

Input parameters

Parameter Description
Resource Name Specify the name of the resource for which you want to update the details about the associated risk in Silverfort.
Domain Specify the domain of the resource for which you want to update the details about the associated risk in Silverfort.
Risk Name Specify the name of the risk to be updated for the specific resource in Silverfort.
Severity Specify the severity of the risk to be updated for the specific resource in Silverfort.
Valid For Specify the time in hours for which the risk will be valid.
Description Specify the description of the risk to be updated for the specific resource in Silverfort.

Output

The output contains the following populated JSON schema:
{
"status": "",
"message": ""
}

Included playbooks

The Sample - Silverfort - 1.0.0 playbook collection comes bundled with the Silverfort connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Silverfort connector.

  • Get Resource Risk
  • Get User Risk
  • Update Resource Risk
  • Update User Risk

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during the connector upgrade and delete.

Previous
Next

About the connector

Silverfort delivers adaptive authentication across all corporate networks and cloud environments from a unified platform.

This document provides information about the Silverfort connector, which facilitates automated interactions, with a Silverfort server using FortiSOAR™ playbooks. Add the Silverfort Connector as a step in FortiSOAR™ playbooks and perform automated operations such as updating details about the risk associated with a specific resource in Silverfort, retrieving details about the risk associated with a specific user from Silverfort, etc.

Version information

Connector Version: 1.0.0

Authored By: Fortinet

Certified: No

Installing the connector

Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.

You can also use the following yum command as a root user to install connectors from an SSH session:
yum install cyops-connector-silverfort

Prerequisites to configuring the connector

Minimum Permissions Required

Configuring the connector

For the procedure to configure a connector, click here.

Configuration parameters

In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Silverfort connector card. On the connector popup, click the Configurations tab to enter the required configuration details.

Parameter Description
Server URL Specify the URL of the Silverfort server to which you will connect and perform the automated operations.
User ID Specify the User ID that you have created on Silverfort, which is used to create an authentication token required to access the API.
User Secret Specify the User Secret that is used to create an authentication token required to access the API.
Verify SSL Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True.

Actions supported by the connector

The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™:

Function Description Annotation and Category
Get User Risk Retrieves details about the risk associated with a specific user from Silverfort based on the user identification you have specified. get_user_risk
Investigation
Get Resource Risk Retrieves details about the risk associated with specific a resource from Silverfort based on the resource name and domain you have specified. get_resource_risk
Investigation
Update User Risk Updates details about the risk associated with a specific user in Silverfort based on the user identification, risk name, severity, and other input parameters you have specified. update_user_risk
Investigation
Update Resource Risk Updates details about the risk associated with a specific resource in Silverfort based on the resource name, domain name, risk name, severity, and other input parameters you have specified. update_resource_risk
Investigation

operation: Get User Risk

Input parameters

Parameter Description
User Identification

Select one of the methods of user identification using which you can retrieve the details from Silverfort about the risk associated with the specific user. You can choose between the following options: 'User Principal Name' (Default), Email & Domain, or SAM Account & Domain.

  • If you choose 'User Principal Name', then in the User Principal Name field specify the 'User Principal Name' for which you want to retrieve the risk details from Silverfort.
  • If you choose 'Email & Domain', then specify the following input parameters:
    • Email: Specify the email for which you want to retrieve the risk details from Silverfort.
    • Domain: Specify the domain for which you want to retrieve the risk details from Silverfort.
  • If you choose 'SAM Account & Domain', then specify the following input parameters:
    • SAM Account: Specify the SAM Account for which you want to retrieve the risk details from Silverfort.
    • Domain: Specify the domain for which you want to retrieve the risk details from Silverfort.

Output

The output contains the following populated JSON schema:
{
"Silverfort": {
"UserRisk": {
"Reasons": [],
"Risk": "",
"UPN": ""
}
}
}

operation: Get Resource Risk

Input parameters

Parameter Description
Resource Name Specify the name of the resource for which you want to retrieve the risk details from Silverfort.
Domain Specify the domain of the resource for which you want to retrieve the risk details from Silverfort.

Output

The output contains the following populated JSON schema:
{
"Silverfort": {
"ResourceRisk": {
"Reasons": [],
"ResourceName": "",
"Risk": ""
}
}
}

operation: Update User Risk

Input parameters

Parameter Description
User Identification

Select one of the methods of user identification using which you can update the details about the risk associated with the specific user in Silverfort. You can choose between the following options: 'User Principal Name' (Default), Email & Domain, or SAM Account & Domain.

  • If you choose 'User Principal Name', then in the User Principal Name field specify the 'User Principal Name' for which you want to update the details about the associated risk in Silverfort.
  • If you choose 'Email & Domain', then specify the following input parameters:
    • Email: Specify the email for which you want to update the details about the associated risk in Silverfort.
    • Domain: Specify the domain for which you want to update the details about the associated risk in Silverfort.
  • If you choose 'SAM Account & Domain', then specify the following input parameters:
    • SAM Account: Specify the SAM Account for which you want to update the details about the associated risk in Silverfort.
    • Domain: Specify the domain for which you want to update the details about the associated risk in Silverfort.
Risk Name Specify the name of the risk to be updated for the specific user in Silverfort.
Severity Specify the severity of the risk to be updated for the specific user in Silverfort.
Valid For Specify the time in hours for which the risk will be valid.
Description Specify the description of the risk to be updated for the specific user in Silverfort.

Output

The output contains the following populated JSON schema:
{
"status": "",
"message": ""
}

operation: Update Resource Risk

Input parameters

Parameter Description
Resource Name Specify the name of the resource for which you want to update the details about the associated risk in Silverfort.
Domain Specify the domain of the resource for which you want to update the details about the associated risk in Silverfort.
Risk Name Specify the name of the risk to be updated for the specific resource in Silverfort.
Severity Specify the severity of the risk to be updated for the specific resource in Silverfort.
Valid For Specify the time in hours for which the risk will be valid.
Description Specify the description of the risk to be updated for the specific resource in Silverfort.

Output

The output contains the following populated JSON schema:
{
"status": "",
"message": ""
}

Included playbooks

The Sample - Silverfort - 1.0.0 playbook collection comes bundled with the Silverfort connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Silverfort connector.

Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during the connector upgrade and delete.

Previous
Next