# Setup Required

For successful analysis, you need to integrate one or many Threat Intel Partners. By integrating Threat Intel partners you will automate identifying malicious emails. Each email reported through the Phishing Reporter add-in will automatically be analysed for malicious content via multiple integrations.

## **1. Create a New Integration** <a href="#creating-new-integration" id="creating-new-integration"></a>

Navigate to **Incident Responder > Integrations.** Click the blue **New** button. You can find all our Threat Intel partners under **Integration Type**.

<figure><img src="https://files.gitbook.com/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlKFxOYqYqSykikkXpwjG%2Fuploads%2FO9zvAviIbw4c4O7141yr%2Fthreat%20intel%20step%201.gif?alt=media&#x26;token=67ad44ca-841f-49a9-96d9-86204d2ec467" alt="Incident Responder — New integration, select Threat Intel partner type."><figcaption><p>Incident Responder — New integration, select Threat Intel partner type.</p></figcaption></figure>

#### **Quick links to install each Threat Intel Partner**

You can install free threat intel partners or if you already have subscriptions for paid versions, you can integrate these too! All links to install all free and paid for intel threat partners below

**Free Intel Threat Partners**

​[Google Safe Browsing](/next-generation-product/platform/incident-responder/integrations.md#google-safe-browsing)

[​​Zen SpamHaus​](/next-generation-product/platform/incident-responder/integrations.md#zen-spamhaus)

​​[Cyber X-ray](/next-generation-product/platform/incident-responder/integrations.md#cyber-x-ray)

[​VMRay​](/next-generation-product/platform/incident-responder/integrations.md#vmray)

**Paid Intel Threat Partners**

​​[Google Web Risk](/next-generation-product/platform/incident-responder/integrations.md#google-web-risk)

[​AnyRun​](/next-generation-product/platform/incident-responder/integrations.md#anyrun)

[​​OPSWAT​](/next-generation-product/platform/incident-responder/integrations.md#opswat)

[​FortiSandbox](/next-generation-product/platform/incident-responder/integrations.md#fortisandbox)

​​[Virus Total​](/next-generation-product/platform/incident-responder/integrations.md#virustotal)

​[IMB X-Force](/next-generation-product/platform/incident-responder/integrations.md#ibm-x-force)

{% hint style="success" %}
Add as many Threat Intel Partners as you would like. The more you integrate, the more thorough your analysis of suspicious emails.
{% endhint %}

## 2. Complete Mail Configuration

Please follow the steps for Mail Configuration for your email provider:

{% content-ref url="/pages/yknIaDueUuk1iOSRsGQc" %}
[Microsoft 365](/next-generation-product/getting-started/7.-incident-responder-setup/step-2.-mail-configurations/microsoft-365.md)
{% endcontent-ref %}

{% content-ref url="/pages/hChzCm717sMDo1NrGvG6" %}
[Google Workspace (Gsuite)](/next-generation-product/getting-started/7.-incident-responder-setup/step-2.-mail-configurations/google-workspace-gsuite.md)
{% endcontent-ref %}

{% content-ref url="/pages/7vv57UN7TFixxVA7jixl" %}
[Exchange (EWS)](/next-generation-product/getting-started/7.-incident-responder-setup/step-2.-mail-configurations/exchange-ews.md)
{% endcontent-ref %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://doc.keepnetlabs.com/next-generation-product/customer-success/how-to-videos/incident-responder/setup-required.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.