IBM QRadar SOAR
Developed by Mimecast
Overview:
The Mimecast – IBM Resilient integration delivers a more complete SOAR (Security Orchestration, Automation and Response) platform. The Mimecast Actions Add-On offers 22 actions to help customers enrich SOC automation and broaden the scope of playbook-driven incident response and remediation. The Add-On enables organizations to complete key email security actions – from blocking a sender or URL and searching for specific messages – from a single interface, in minutes.
Unlock the value and power of your security tools by integrating them into a single response hub.
Example of a IBM Resilient Workflow using a Mimecast function:
Mimecast Functions:
- Run Tracked Messages Query
- Get Tracked Email
- Get Archived Messages List
- Get Archived Message Details
- Block Sender
- Permit Sender
- Create Blocked Sender Policy
- Get Blocked Sender Policy
- List URLs
- Block URL
- Permit URL
- Delete URL
- Decode URL
- List Groups
- List Members
- Add Group Member
- Remove Group Member
- Find Member
- Create Group
- Search File Hash
- Test Connectivity
- Get Aliases
Custom Mimecast Workflows: Prebuilt utilizing Mimecast specific functions.