Enhance log management and threat remediation

Built on big data, Securonix SIEM combines log management, user and entity behavior analytics (UEBA), and security incident response. It collects volumes of data in real-time, uses patented machine learning algorithms to detect advanced threats, and provides artificial intelligence-based security incident response capabilities for fast remediation.

The Securonix platform can ingest Mimecast logs, along with other log sources, to obtain complete visibility across on-prem and cloud environments. The integration ingests audit events, alerts or emails that trigger a DLP or Content Examination policy, inbound and outbound messages, malicious attacks at the customer and regional level, and TTP impersonations and URL logs. 

Together, Mimecast and Securonix share high-fidelity indicators to help analysts quickly and accurately identify the root cause of an attack and remediate the threat. 

Mimecast + Securonix Use Case:

• Threat correlation: Identify initial attack deployment methodology, characteristics and subsequent access attempts without manual effort or multiple toolsets. 
• Advanced threat detection: Improve your organization’s security posture and detect threats by augmenting email perimeter defense with user and entity behavior analytics. 
• Lateral movement detection: Detect and follow attackers even as they switch IP addresses, devices, or credentials. 
• Alert prioritization: Increase efficiency and effectiveness by prioritizing the most pressing threats. 
• Threat intelligence: Understand how your organization has been targeted and what attacks have been blocked for better protection at the email perimeter, inside the network and beyond its perimeter. 
• Threat investigation: Analyze activity events before and after an attack across the entire attack chain to enhance analyst productivity and remediate vulnerabilities.