Google SIEM

From Detection to Security Insights

By integrating Mimecast with Google Chronicle, organizations gain search and correlation capabilities across all log types to detect and respond to cyberattacks and defend against growing threats while modernizing and scaling security operations through integrated visibility, detection, investigation, and response.

Solution Overview

  1. Emails received by Mimecast are passed through a series of hygiene scanning techniques, to ensure that they are safe before delivery to the recipient.
  2. Email intelligence provided by Mimecast is sent to Google Chronicle for normalization.
  3. Google Chronicle uses the email intelligence to alert analysts and add context to data from other data sources.
  4. With Google SOAR, automate the management of and response to phishing emails.

Mimecast + Google Chronicle Use Cases

Mimecast data adds context within Google Chronicle to aid:

Threat correlation

Identify initial attack deployment methodology, characteristics, and subsequent access attempts without the need for manual effort or multiple toolsets.

Advanced threat detection

Improve your organization’s security posture and detect threats by augmenting email perimeter defense with user and entity behavior analytics.

Lateral movement detection

Detect and follow attackers even as they switch IP addresses, devices, or credentials.

Alert prioritization

Increase efficiency and effectiveness by prioritizing the most pressing threats.

Threat intelligence

Understand how your organization has been targeted and what attacks have been blocked for better protection at the email perimeter, inside the network and beyond its perimeter.

Threat investigation

Analyze activity events before and after an attack across the entire attack chain to enhance analyst productivity and remediate vulnerabilities.

Benefits

  1. Earlier detection and containment of attacks, with rapid response to phishing and business email compromise tactics.
  2. Google Chronicle and threat intelligence enrichment detect threats within Mimecast events.
  3. Increase protection, reduce resource utilization, and improve analysis and knowledge of threats through visualization.
  4. Correlation across Mimecast events, cloud, endpoint, and network data to quickly identify high-risk individuals and devices that may create future security breaches.
