Microsoft Teams

Overview

AttackForge is a collaboration platform for Technology Teams, Security Teams & Engineering Teams. It helps to get the right people, in the right place with the right information. To help achieve this, AttackForge integrates with industry leading collaboration platform Microsoft Teams.
Microsoft Teams allows you to engage in collaborative and inclusive meetings from anywhere with Teams meetings and Teams-enabled devices.
AttackForge is integrated into Microsoft Teams via your Enterprise Microsoft Azure Identity Provider.

Creating Your Team

Once your Microsoft Teams integration is completed, you can easily & quickly create a new Team (in Teams) that you can then invite your project team to.
To create a new Team, click on Collaboration button from your Project Dashboard.
The click on the MS Teams button. This will redirect you to your Microsoft Azure login for your Enterprise.
If you have already logged in previously and have active token in your browser (Single-Sign-On), then you do not have to login again and it will automatically create the new Private Team & Private Channel in Teams for you.
After you have logged in, it will automatically create the new Private Team & Private Channel in Teams for you, and you will be redirected back to AttackForge.
You can only have one Microsoft Team per project in AttackForge. This is to ensure all project members are collaborating in the same place.
The first person to click on the MS Teams button will create the Team and become the Owner of the team in Teams.
All persons invited to the team via AttackForge will be invited as Members.
Each Team and Channel are set up to be Private so they are invite-only.
After your Team has been created, you can click on the Open Channel in MS Teams button. This will redirect you to your team in Teams.

Inviting People To Your Team

After your team has been created in Teams, you can now invite people to it.

Invite Person By Email

To invite a person individually by their email to your team, enter in their email address and click on the Invite User button. This will redirect you to your Microsoft Azure login for your Enterprise.
If you have already logged in previously and have active token in your browser (Single-Sign-On), then you do not have to login again and it will automatically invite the user to your team.
If the user has been successfully invited, a green pop-up message will display.
If the request is unsuccessful, a red pop-up message will display with the error.

Invite Entire Project Team

You can also invite the entire project team in one go. To do this, click on Invite Project Team button. This will redirect you to your Microsoft Azure login for your Enterprise.
If you have already logged in previously and have active token in your browser (Single-Sign-On), then you do not have to login again and it will automatically invite the project team to your team.
A green pop-up message will display with the details for the people who have been successfully invited to the project.
A red pop-up message will also display with the details for the people who have been unsuccessfully invited to the project.

Setting Up Teams - Integration

Teams is disabled in AttackForge until you have successfully integrated it.
To set up Teams, please follow the steps below:

1. Register New App in Azure AD

2. Set Up Application API Permissions

The following permissions are required/mandatory for Teams integration:
    Directory.Read.All
    Directory.ReadWrite.All
    Team.ReadBasic.All
    TeamMember.ReadWrite.All
    TeamSettings.Read.All
    TeamSettings.ReadWrite.All
    User.Read.All
    User.ReadWrite.All
    email
    openid
    profile

3. Generate Client Secret

The client secret will need to be provided to AttackForge in Step 7 below.

4. Get Client ID

The client ID will need to be provided to AttackForge in Step 7 below.

5. Set Up Callback URL

The callback URL should use the following structure: https://<YOUR-ATTACKFORGE-URL>/oauth/teams/callback
The callback URL will need to be provided to AttackForge in Step 7 below.

6. Get Authorization URL & Token URL

The authorization URL & token URL will need to be provided to AttackForge in Step 7 below.

7. Configure AttackForge

Cloud customers

Provide the following details to your AttackForge client support representative.
!IMPORTANT Ensure to first encrypt the details in a password protected folder/file before sending to AttackForge.
    client ID
    client secret
    callback URL
    authorization URL
    token URL
Your AttackForge client support representative will inform you once the details have been configured for your AttackForge tenant. The integration will then be completed.

On-Premises customers

Update your Dockerfile with the following:
ENV TEAMS_AUTHORIZATION_URL="<authorization URL>" ENV TEAMS_TOKEN_URL="<token URL>" ENV TEAMS_CLIENT_ID="<client ID>" ENV TEAMS_CLIENT_SECRET="<client secret>" ENV TEAMS_CALLBACK_URL="<callback URL>"
Restart your Docker environment to update the configuration. The integration will then be completed.
Last modified 1yr ago