Zscaler ZIA Out-Of-The-Box Response Integration

To learn more about Out-of-the-box Integrations and their benefits, please refer to this article.

Requirements

  • Zscaler Internet Access
  • An active Lumu Defender subscription.

Add Integration

This integration manages a URL category called “Lumu IOCs” in your ZIA Console. Please do not modify it.

1. Log in to your Lumu account through the Lumu Portal and navigate to the available apps screen. 

2. Locate the Zscaler Internet Access integration in the available apps area and click to add, then click to view details.



3. Familiarize yourself with the integration details available in the app description and click the button below to activate the integration.


4. To activate the integration, click the activate button, add a Name, and select the Threat Types that you want to push to your Zscaler Internet Access cloud. If you want to include IP indicators in your URL category, select the option Include IP indicators. If you would prefer that Lumu activates your cloud with the new configuration, keep the option Automatically activate changes selected. Finally, click the Next button.

5. Fill in the required information: the Base URL, the API Key, the User Name (we suggest creating a profile on your ZIA portal just for Lumu with restrictive policies), and the Password for that account. Finally, click the Next button. Lumu will validate whether the credentials provided are correct.

6. The integration is now created and active. Now, the Lumu Portal will display the details of the created integration:


Lumu will refresh configurations from your Zscaler portal by default, but it is possible to deselect this option. Be aware that if you deselect this option, you will need to manually activate all changes. For more information, read about Zscaler Activation.

Once the integration is activated, the Zscaler URL category “Lumu IOCs” will be updated with confirmed compromises found by Lumu within the preceding 3 days.



