Rapid7 insightConnect

Developed by Rapid7

Overview

Mimecast email security data and controls integrated with Rapid7 InsightConnect, a Security Orchestration, Automation and Response (SOAR) solution, enables security teams to work smarter, respond faster, and strengthen cyber resilience.

Combined, the two solutions:

  • Allow organizations to realize the full benefit of SOAR investments.
  • Rapidly respond to email security needs from a single interface.

Rapid7 InsightConnect is a security orchestration and automation solution that enables teams to accelerate and streamline time-intensive processes with little to no code. With 270+ plugins to connect tools and easily customizable connect-and-go workflows, InsightConnect frees up security teams to tackle other challenges, while still leveraging their expertise when it’s most critical.

Email remains a primary attack vector and the front line of  incident detection, response and remediation, so integration is vital across your tech stack. Without it, organizations remain unable to realize the full benefit of SOAR investments, such as efficiently updating protection at the gateway based on Indicators of Compromise (IoCs) identified elsewhere in the infrastructure. Integrating Mimecast email security data and controls with Rapid7 InsightConnect addresses this clear need to improve cyber resilience and improve ROI by making more efficient use of limited security resources.

Rapid7 InsightConnect | Mimecast Integration Automated Functions:

Block Sender:

  • Prevent email delivery from known or specified malicious senders.

Permit Sender:

  • Allow email receipt from trusted senders.

Block Domain:

  • Prevent email delivery from known or specified malicious domains.

Permit Domain:

  • Allow email receipt from trusted domains.

Find Groups

  • Search for a group that match a given query.

Add Group Member

  • Add an email address or domain to a profile group.

Delete Group Member

  • Remove an email address or domain from a profile group.

Get Managed URLs:

  • Retrieve a list of all the currently managed URLs in the system.

Create Managed URLs:

  • Add to the list of allowed / blocked managed URLs in the system.

Delete Managed URLs:

  • Remove from the allowed / blocked managed URLs in the system.

Decode URL:

  • Decode a Mimecast rewritten URL.

Get Targeted Threat Protection URL Logs:

  • Retrieve the mimecast TTP URL logs that match a given query.

 

Developer

Rapid7

Contact

Rapid7

Documentation

View

Release Date

October 2020

Version

1.0

GET STARTED
Back to Top