API 2.0 Overview API 1.0 to 2.0 Migration Guide What's New
Action Usecase Alerting Usecase Analysis and Response API's Building Search Queries Configuration Backup Restore and Export APIs Enrichment Usecase Groups Usecase Mimecast API In Power BI Secure Email Gateway SIEM Tutorial CG SIEM Tutorial CI SIEM Batch CG Guidelines SIEM Batch CI Guidelines
API 2.0 Reference API 1.0 Reference
Technology Partners
Become a Partner

Transform Isolated Alerts Into Threat Context

Coordinated, Automated and Efficient Threat Detection and Incident Response

Mimecast and Blumira provide an integrated solution to improve detection, stop threats, augment security insights and centralize response across security functions. Email attack investigations usually require pivoting from one suspicious indicator to another to gather critical evidence, grabbing and archiving evidence and finalizing a resolution running these commands traps analysts in a screen-switching cycle.

Blumira’s cloud SIEM platform ingests rich Mimecast information to deliver an automated threat detection and response solution. The Mimecast Actions (logs, email activity, attachments) are available for analyst investigation – from a single interface. With the Mimecast integration with Blumira via Cloud Connectors, Blumira makes it easy to detect threats earlier and coordinate responses across all of the security functions.

Developer: Blumira
Supported By: Blumira Support
Documentation: View
Release Date: May 2025
Version: 2.0
Talk to a Specialist
Get Started

Overview and Data Sources

Ingest email security telemetry from Mimecast directly into Blumira through real-time streaming and batch data feeds. SOC analysts gain immediate visibility into email threats, BEC attacks, malware detection events, and user behavior patterns within their existing SIEM workflows. The integration provides normalized threat indicators, executive impersonation alerts, and financial fraud detection data to accelerate threat correlation.

blumira-overview.png
  • Audit Logs
  • Message Release Logs
  • Rejection Logs
  • Attachment Protect Logs
  • Impersonation Protect Logs
  • URL Protect Logs
data-sources-integrations.png

Mimecast and Blumira Use Cases:

Mimecast data ingested adds additional data and context within Blumira to aid: 

Threat Correlation

Identify initial attack deployment methodology, characteristics and subsequent access attempts without the need for manual effort or multiple toolsets.

 

Threat Intelligence

Understand how your organization has been targeted and what attacks have been blocked for better protection at the email perimeter, inside the network and beyond its perimeter

Threat Investigation

Analyze activity events before and after an attack across the entire attack chain, including email, to enhance analyst productivity and remediate vulnerabilities.

Contextual Email Threat Investigation

Analysts gain greater visibility and new actionable information about the attack, with documentation per step and artifact reporting.

Alert Prioritization

Increase efficiency and effectiveness by prioritizing the most pressing threats, and customize email detection rules to further reduce any noisy alerts.

Improve Response Times

With automated playbooks sent with every finding, analysts can accelerate security operations workflows and remediate email threats faster for better security outcomes. 
Haut de la page