Table of contents
Vendor configuration
The Abnormal Security source requires an authentication token. Please follow the steps below to acquire the token.
Log in to the Abnormal Security platform.
In the Manage section, select the Settings option.
In the Settings section, select the Integrations option.
Scroll down to the Additional Integrations section and click "+ Connect" on the Abnormal REST API card to open the integration page for your organization.
Enter the below IP address for your deployment in the IP Safelist field.
a) 52.76.252.34
Copy and save the Access token.
Integrating with RH HRM Portal (Guidance will be provided during the On-boarding session for the following steps).
Log into your RH Cyberready portal and navigate to the HRM → Settings section as indicated below:
Click on Abnormal Widget → View Configurations and the following Modal will appear.
In the Modal above, use the API URL from the dropdown.
Add the Token that you have copied in an earlier step to this space in the designated places.
Click on Save and Authorize.
Navigate to the second tab: Detection rules as indicated below.
Select the events that you would like to enable for sending the nudges to users.
Please refer to this article for the next steps in configuring the mapping attributes.
How to Create a Service Account for Abnormal API?
Abnormal uses a token-based API system; there is no traditional service account creation, but:
You must log in to the Abnormal portal (admin access required).
Navigate to Settings → Integrations → REST API.
Click "+ Connect" on the REST API section.
Generate and copy the API access token.
Add Right-Hand’s IP address to the IP Safelist.
Additionally:
Create a dedicated user account in Abnormal (e.g., [email protected]
) with read-only permissions. Generate the API token from this account to follow the least privilege principle.