CLOUD CONNECTOR
Mimecast
[Logo]
Mimecast is a vendor of cloud solutions for email and web based threats, providing email security and threat intelligence, web security, cloud archive for email, cybersecurity training, and mailbox continuity.
Securonix integrates with the Mimecast API for email and web security events, account compromise indicators, malware, business email compromise (BEC), and phishing alerts, as well as context enrichment for threat chaining.
| Mimecast SIEM API Module | Major Log/Event Types | Related Threats | Use Cases/Threat Packages |
|---|---|---|---|
| Receipt Logs | Mimecat Account Code, Message ID, Email Information, Error Information, Rejection Information (If email was rejected), Spam Score and Information, Subject, Virus Information (if found) | Malware, Phishing, Account Compromise, BEC | Malware, Phishing, Account Compromise, BEC |
| Process Logs | Mimecast Account Code, Message ID, Action Taken, Attachment Details, Quarantine Reason, Targeted Threat Protection - Impersonation Protect Alerts, Message Size | Phishing, Account Compromise, BEC | Malware, Phishing, Account Compromise |
| Delivery Logs | Mimecast Account Code, Message ID, TLS Cipher, Attachment Delivery Status, No. of Delivery Attempts, Delivery Status, Rejection Code, Recipient, Route, Sender, TLS Version, Errors | Brute Force (For Email), BEC, Phishing, Malware | Malware, Phishing, Account Compromise, BEC |
| TTP (Targeted Threat Protection) URL Protect | Mimecast Account Code, Date and Time, Reason, Recipient, Route, Sender, Sending Domain, Source IP, URL, URL Category | Phishing | Phishing |
| TTP Attachment Protect | Mimecast Account Code, Date and Time, File Extension, MIME Type, Filename, MD5 Hash, SHA1 Hash, SHA256 Hash, File Size, Recipient, Route, Sender, Sending Domain, Source IP, URL, URL Category | Malware | Malware |