This article leads you through the process of integrating Proofpoint Targeted Attack Protection (TAP) with Red Canary. Follow the procedure from beginning to end. 

Prerequisites

• Generate your TAP Service Credentials. For more information, see Generate TAP Service Credentials.

Step 1: Red Canary–Enter your TAP Service Credentials

Enter your Proofpoint TAP Service Credentials to start receiving TAP alerts in Red Canary.

1. From your Red Canary dashboard, click the Integrations dropdown, and then click Alert Sources.
2. In the search bar, type and select Proofpoint Targeted Attack Protection.
3. To configure your new alert source, scroll down and click Proofpoint Targeted Attack Protection.
4. Click Edit Configuration.
5. Enter a Name for your external alert source.  
6. Under the Ingest Format/Method dropdown, select Proofpoint Tap via API Poll.
7. Enter your Proofpoint Tap Service Principal.
8. Enter your Proofpoint TAP Service Secret.
9. Click Save Configuration.
10. Click Edit Configuration.
11. Click Activate.