CLOUD CONNECTOR

Mimecast

[Logo]

Mimecast is a vendor of cloud solutions for email and web based threats, providing email security and threat intelligence, web security, cloud archive for email, cybersecurity training, and mailbox continuity.

Securonix integrates with the Mimecast API for email and web security events, account compromise indicators, malware, business email compromise (BEC), and phishing alerts, as well as context enrichment for threat chaining.

Mimecast SIEM API Module Major Log/Event Types Related Threats Use Cases/Threat Packages
Receipt Logs Mimecat Account Code, Message ID, Email Information, Error Information, Rejection Information (If email was rejected), Spam Score and Information, Subject, Virus Information (if found) Malware, Phishing, Account Compromise, BEC Malware, Phishing, Account Compromise, BEC
Process Logs Mimecast Account Code, Message ID, Action Taken, Attachment Details, Quarantine Reason, Targeted Threat Protection - Impersonation Protect Alerts, Message Size Phishing, Account Compromise, BEC Malware, Phishing, Account Compromise
Delivery Logs Mimecast Account Code, Message ID, TLS Cipher, Attachment Delivery Status, No. of Delivery Attempts, Delivery Status, Rejection Code, Recipient, Route, Sender, TLS Version, Errors Brute Force (For Email), BEC, Phishing, Malware Malware, Phishing, Account Compromise, BEC
TTP (Targeted Threat Protection) URL Protect Mimecast Account Code, Date and Time, Reason, Recipient, Route, Sender, Sending Domain, Source IP, URL, URL Category Phishing Phishing
TTP Attachment Protect Mimecast Account Code, Date and Time, File Extension, MIME Type, Filename, MD5 Hash, SHA1 Hash, SHA256 Hash, File Size, Recipient, Route, Sender, Sending Domain, Source IP, URL, URL Category Malware Malware