Comment on page

Quickstart: Deploy Salem

✦ An active Azure subscription, including Azure Active Directory
✧ An active Microsoft 365 license that includes Microsoft Teams
✦ An active Whitehat Cybersecurity Team
✧ Optimism and a little Blackbox Magic
It is presumed these are already collected and will not be further dealt with here.
Create App Registration
  1. 1.
    From a web browser, go to the Azure Portal and sign in.
  2. 2.
    From the Azure portal, search for and select "Azure Active Directory".
  1. 3.
    Select 'Add' and 'App registration'
  1. 4.
    From the Register an application page: ✦ Enter a name ✧ Select account type ✦ Single tenant will typically be the best option however Multi-tenant capability might be useful depending on your situation* ✧ Enter Redirect URI. Platform type 'Web' with a value of ''
  2. 5.
    Select 'Register'
  3. 6.
    Note down the Application ID, Object ID, and Directory ID.
  1. 7.
    Select 'Certificates & secrets'
  1. 8.
    Create 'New client secret'
    Select a reasonable expiry time, if the secret expires, users will no longer be able to logon to Salem
  2. 9.
    Note down the secret value
  1. 10.
    Select "App Roles"
  1. 11.
    Create Application Roles ✧ There are three Salem roles (salem.user, salem.analyst, salem.admin) and you an create AD roles that contain any combination of these roles. For now, create a new role: ✦ Display Name: Salem_Admins ✧ Allowed Member Types: Users/Groups ✦ Value: salem.analyst,salem.admin ✧ Description: Users with this role will have both analyst and admin permissions

Add Users

  1. 12.
    Return to Azure Active Directory in the Azure portal
  2. 13.
    Select "Enterprise applications"
  1. 14.
    Search for and select the name of the app registration you just created
  2. 15.
    Select "Users and groups"
  3. 16.
    Add user/group ✧ Select a user or group ✦ Select the role created above ✧ Continue adding individual users as needed. NOTE: each user or group can only be assigned on app role
  1. 1.
    From the Azure portal, search for and select 'Marketplace'.
  1. 2.
    Use the search feature to find "Salem the AI Cyber Analyst for SOC Automation".
  2. 3.
    Select and Create ✧ App configuration details should have been note when creating the app registration ✦ Under 'Network Configuration', provide a non-overlapping class C IP address (meaning an IP address block not in use in any network you may connect to Salem). These IP addresses will be used if you peer the Salem Vnet to other Vnets in your Azure subscription. Network peering will allow you to send and receive information from Salem without needing to connect to the Internet. Some communication between Azure services will continue to use Azure network routing. ✧ It may take 30 minutes or more to fully provision Salem
  1. 1.
    Customize Salem App Manifest ✧ The latest app manifest can be found here ✦ Add in the Deployment ID, and Salem Bot Name. These values can be found from the Salem app in Azure under Parameters and Outputs. This ID is NOT the ID of the App registration
  2. 2.
    Create App package ✧ create a zip archive containing the manifest.json, Salem_color.png, and Salem_outline.png files at the root level of the archive.
  3. 3.
    From the teams admin portal, navigate to 'manage apps' and upload the app zip package.
  4. 4.
    Once installed, follow this guide to install.
  5. 5.
    You've now successfully deployed Salem!