LogPoint

Developed by LogPoint

From Detection to Security Insights

By integrating Mimecast with LogPoint, organizations gain search and correlation capabilities across all log types to detect and respond to cyberattacks. Deep security insights and rich data visualizations cut cyberattack detection times and empower incident response and threat-hunting teams to uncover the full kill chain and proactively find potentially malicious activity.

Solution Overview

1. Emails received by Mimecast are passed through a series of hygiene scanning techniques, to ensure that they are safe before delivery to the recipient.

2. Email intelligence provided by Mimecast is sent to LogPoint for normalization.

3. LogPoint uses the email intelligence to alert analysts and add context to data from other data sources.

Mimecast + LogPoint Use Cases:

Ingested Mimecast data adds context within LogPoint to aid:

Automated Email Threat Enrichment

Orchestrate and automate a variety of critical but repeatable Mimecast commands during an incident response to improve response times. 

Complex Email Threat Investigation

Analysts gain greater visibility and new actionable information about the attack through integrated Mimecast commands, with documentation per step and artifact reporting.

Alert Prioritization

Increase efficiency and effectiveness by prioritizing the most pressing threats.

Threat Intelligence

Unify aggregation, scoring, and sharing of threat intelligence with playbook-driven automation across the security estate.

Malware Containment

Incorporate email into investigations to see if the threat originated via email. Run playbooks for malware containment and phishing investigations, and report on any investigation. Investigate a suspicious URL with Mimecast, search user mailboxes for the URL, and, if found, automatically remove it.

Phishing

The LogPoint form will take an email subject from a user, search through the held message queue, and send a Slack message to an analyst for review. The Slack message will contain context provided by Mimecast to allow the security team to Release or Reject the email directly from Slack and communicate the verdict to the original user.

Search and Destroy

Add automated search and email removal actions to any incident response playbook.

Key Benefits

01. Earlier detection and containment of attacks, with rapid response to phishing and business email compromise tactics.

02. Threat intelligence enrichment detects threats within Mimecast events.

03. Improve analysis and knowledge of threats through built-in dashboards and Mimecast regional threat intelligence.

04. Correlation across Mimecast events, cloud, endpoint, and network data to quickly identify high-risk individuals and devices that may create future security breaches.

05. Shared intelligence identifies the original threat and targets.
