Coordinated, automated, and efficient incident response
By integrating Mimecast with Rapid7 InsightConnect, organizations gain search and correlation capabilities to detect and respond to cyberattacks from a central location. InsightConnect is designed to help the security team respond to cyberthreats with confidence, automate with intelligence and collaborate with consistency. It guides the team in resolving incidents by codifying established incident response processes into automated playbooks.
Solution Overview
1. As inbound emails are received by Mimecast on behalf of the organization, they are subject to analysis by the Mimecast inspection funnel, where a series of email hygiene and advanced security scanning techniques are applied, to ensure that emails are safe before they are delivered to the recipient.
2. Email intelligence provided by Mimecast is sent to InsightConnect.
3. Surface email threat data for correlation and analysis, and to be synthesized with a broader set of security data.
4. Automate the management and response to phishing emails.
InsightConnect Playbooks for Mimecast
Mimecast + Rapid7 Use Cases:
Rapid7 drives automated tasks within Mimecast based on event correlation, zero day threats and phishing attacks aiding in:
Threat Correlation
Advanced Threat Detection
Key Benefits
01.
Earlier detection and containment of attacks, with rapid response to phishing and business email compromise tactics.
02.
Rapid7's InsightIDR, analytics and threat intelligence enrichment, detects threats intelligence enrichment, detects threats within Mimecast events.
03.
Increase protection, reduce resource utilization, and improve analysis and knowledge of threats through built-in dashboards and Mimecast regional threat intelligence
04.
Correlation across Mimecast events, alongside user, cloud, endpoint and network data and detections from InsightIDR to quickly identify high-risk individuals and devices that may create future security breaches.
