API 2.0 Overview API 1.0 to 2.0 Migration Guide What's New
Action Usecase Alerting Usecase Analysis and Response API's Building Search Queries Configuration Backup Restore and Export APIs Enrichment Usecase Groups Usecase Mimecast API In Power BI Secure Email Gateway SIEM Tutorial CG SIEM Tutorial CI SIEM Batch CG Guidelines SIEM Batch CI Guidelines
API 2.0 Reference API 1.0 Reference
Technology Partners
Become a Partner

IBM QRadar SOAR

Developed by Mimecast

Coordinated, Automated and Efficient Incident Response

By integrating Mimecast and IBM Security QRadar SOAR, organizations gain search and correlation capabilities to detect and respond to cyberattacks from a central location, without having to pivot between consoles. QRadar SOAR is designed to help the security team augment the analyst experience, allowing SOC teams to respond to cyberthreats confidently, automate intelligently and collaborate consistently. It guides the team in resolving incidents by codifying established incident response processes into dynamic playbooks.
IBM Security Logo
Developer: Mimecast
Supported By: Mimecast
Documentation: View
Release Date: October 2019
Version: 1.0
Talk to a Specialist
GET STARTED

Solution Overview

1. As inbound emails are received by Mimecast on behalf of the organization, they are subject to analysis by the Mimecast inspection funnel, where a series of email hygiene and advanced security scanning techniques are applied, to ensure that emails are safe before they are delivered to the recipient.

2. Email related data from Mimecast ingested into the IBM Security platform to help with analyst investigations.

3. Coordinate response actions across security tools based on Mimecast data.

4. Adjust Mimecast policies, search and destroy malicious emails, or prevent future threats.

 

  • Example of a IBM Resilient Workflow using a Mimecast function
  • Custom Mimecast Workflows: Prebuilt utilizing Mimecast specific functions.
  • Example of a IBM Resilient Workflow using a Mimecast function
  • Custom Mimecast Workflows: Prebuilt utilizing Mimecast specific functions.

Mimecast & IBM Resilient Use Cases:

Coordinated response aiding in:

Automated Email Threat Enrichment

Orchestrate and automate a variety of critical but repeatable Mimecast commands during an incident response to improve response times. 

Complex Email Threat Investigation

Analysts gain greater visibility and new actionable information about the attack through integrated Mimecast commands, with documentation per step and artifact reporting. 

Alert Prioritization

 Increase efficiency and effectiveness by prioritizing the most pressing threats.

Threat Intelligence

Unifying aggregation, scoring, and sharing of threat intelligence with playbook-driven automation across the security estate.

Key Benefits

01.

Automate email security processes, shorten decision-making, and drive resource efficiency through automation. 

02.

Enrich intelligence from Mimecast and other security tools for a coordinated response. 

03.

Achieve full orchestration capabilities using proactive playbooks and workflows.

IBM QRadar SIEM

Explore Integration
Back to Top