HERE'S WHY
Note: Curricula is now part of Huntress, and we’ve updated all references from Curricula to Huntress in Drata.
Connecting your Huntress account will automate the evidence collection process when your personnel completes an assigned security awareness training.
BEFORE DIVING IN
Ensure to create your account and complete the setup for personnel and assignments.
Verify there is an assignment in your account with one of the following statuses before connecting to Drata: In-Progress, Completed, or Draft.
Data from deleted assignments cannot be imported to Drata.
Ensure that all personnel are enrolled in the correct Huntress assignments.
How Drata Determines Training Compliance
For each individual, Drata uses a combination of campaign selection, enrollment, and completion status to determine their respective training compliance.
Selection
Drata will only consider campaigns that are selected within the connection settings.
Example:
☑Campaign A
☑Campaign B
☐Campaign C
Enrollment and Completion
Drata takes the selected campaigns and checks which individuals are enrolled. Each individual is required to complete all of their selected and enrolled campaigns.
If an individual is only enrolled in one selected campaign, this campaign will determine their complete compliance (superhero below). If they are enrolled in more than one campaign, then they will have to complete all of the campaigns to be considered compliant (astronaut and wizard below).
Example
| Campaign A | Campaign B | Campaign C |
Enrollment | 👩🚀🧙♀️🦸♀️ | 👩🚀🧙♀️🥷 | 👩🚀🧙♀️🦸♀️🥷 |
Completion | 🟢🛑🟢 | 🟢🟢🛑 | 🟢🛑🟢🛑 |
Drata Compliance:
Taking these items together, we have 4 representative individuals.
👩🚀 This individual is enrolled in both selected campaigns and has completed both. They will be marked as compliant in Drata.
🧙♀️ This individual is enrolled in both selected campaigns, but has only completed one. They will not be marked as compliant in Drata.
🦸♀️ This individual is only enrolled in one selected campaign and has completed it. They will be marked as compliant in Drata.
🥷 This individual is only enrolled in one selected campaign, but has not completed it. They will not be marked as compliant in Drata.
Note: While all 4 individuals are enrolled in Campaign C, it is not selected and is therefore ignored.
Character | Campaign A | Campaign B | Campaign C | Overall Status |
👩🚀 | Enrolled: 🟢 | Enrolled: 🟢 | Not Selected | 🟢 2 |
🧙♀️ | Enrolled: 🛑 | Enrolled: 🟢 | Not Selected | 🛑 1/2 |
🦸♀️ | Enrolled: 🟢 | Not Enrolled | Not Selected | 🟢 |
🥷 | Not Enrolled | Enrolled: 🛑 | Not Selected | 🛑 |
Persistence
Drata only syncs security awareness training for individuals who are not yet compliant.
Once an individual is marked compliant for security awareness training, Drata will stop syncing their status from Huntress. This ensures that changes in Huntress do not errantly overwrite that individual’s compliant status in Drata.
To reset one or more individual's security awareness, refer to this article.
Connect Huntress to Drata
Select Connections on the left navigation menu.
Select Available Tabs and search for "Huntress".
Select Connect.
After selecting the Connect your Huntress Account button, you will be prompted to log in to Huntress to accept the required request.
Once Drata has established a connection with Huntress, you will need to select all assignments you wish to apply to security awareness training.
For more detail on assignment logic, refer to the previous How Drata Determines Training Compliance section.
Expired token
Ensure that your token is not expired so that your Huntress connection stays connected. To learn more, refer to Huntress's documentation Token Expiration.
Verify Settings
After connecting your Huntress account to Drata, we will automatically set Huntress as your training provider in the Internal Security page.
To go to the Internal Security page, select your account from the bottom left navigation and select Settings. Then select Internal Security. Under Annual Security Awareness Training, select "Use Huntress for cyber security awareness training".
Employee Onboarding
Once connected, your personnel will see a Huntress branded screen during their onboarding, asking them to complete their training in Huntress.
Within Drata, we will update personnel activity every night and retrieve completion certificates for anyone that has completed the assigned security training.