Quickstart: Deploy Salem

✦ An active Azure subscription, including Microsoft Entra ID
✧ An active Microsoft 365 license that includes Microsoft Teams 
✦ An active Whitehat Cybersecurity Team
✧ Optimism and a little Blackbox Magic 

Please reach out to support@salemcyber.com with any questions.

Create App Registration

  1. From a web browser, go to the Azure Portal and sign in.

  2. From the Azure portal, search for and select "Microsoft Entra ID".

  1. In the top left, select 'Add' and then 'App registration'

  1. From the Register an application page: ✦ Enter a name ✧ Select account type (Note: Single tenant is typically the best option) ✧ Enter Redirect URI. Platform type 'Web' with a value of 'https://token.botframework.com/.auth/web/redirect'

  2. Select 'Register'

  3. Record the Application ID, Object ID, and Directory ID for future use.

  1. In the newly created App registration resource, select 'Certificates & secrets' in the menu on the left.

  1. Create 'New client secret'

    Select a reasonable expiry time, if the secret expires, users will no longer be able to logon to Salem

  2. Note down the secret value

  1. Select "App Roles"

  1. Create Application Roles ✧ There are three Salem roles (salem.user, salem.analyst, salem.admin) and you an create AD roles that contain any combination of these roles. For now, create a new role: ✦ Display Name: Salem_Admins ✧ Allowed Member Types: Users/Groups ✦ Value: salem.analyst,salem.admin ✧ Description: Users with this role will have both analyst and admin permissions

  1. Return to Microsoft Entra ID in the Azure portal

  2. Select "Enterprise applications"

  1. Search for and select the name of the app registration you just created

  2. Select "Users and groups"

  3. Add user/group ✧ Select a user or group ✦ Select the role created above ✧ Continue adding individual users as needed.

  1. From the Azure portal, search for and select 'Marketplace'.

  1. Use the search feature to find "Salem the AI Cyber Analyst for SOC Automation".

  2. Select and Create ✧ App configuration details should have been noted when creating the app registration ✦ Under 'Network Configuration', provide a non-overlapping class C IP address (meaning an IP address block not in use in any network you may connect to Salem). These IP addresses will be used if you peer the Salem Vnet to other Vnets in your Azure subscription. Network peering will allow you to send and receive information from Salem without needing to connect to the Internet. Some communication between Azure services will continue to use Azure network routing. ✧ It may take 30 minutes or more to fully provision Salem

  1. Customize Salem App Manifest ✧ The latest app manifest can be found here ✦ Add in the Deployment ID, and Salem Bot Name. These values can be found from the Salem app in Azure under Parameters and Outputs. This ID is NOT the ID of the App registration

  2. Create App package ✧ create a zip archive containing the manifest.json, Salem_color.png, and Salem_outline.png files at the root level of the archive.

  3. From the teams admin portal, navigate to 'manage apps' and upload the app zip package.

  4. Once installed, follow this guide to install.

  5. You've now successfully deployed Salem!

Last updated