Enhance log management
and threat remediation
The Securonix platform can ingest Mimecast logs, along with other log sources, to obtain complete visibility across on-prem and cloud environments. The integration ingests audit events, alerts or emails that trigger a DLP or Content Examination policy, inbound and outbound messages, malicious attacks at the customer and regional level, and TTP impersonations and URL logs. Together, Mimecast and Securonix share high-fidelity indicators to help analysts quickly and accurately identify the root cause of an attack and remediate the threat.
Solution overview
1. Emails received by Mimecast are passed through a series of hygiene scanning techniques, to ensure that they are safe before delivery to the recipient.
2. Email intelligence provided by Mimecast is sent to Securonix for normalization.
3. Securonix uses the email intelligence to alert analysts and add context to data from other data sources.
Mimecast + Securonix use cases:
Mimecast data ingested adds additional data and context within Securonix to aid:
Threat correlation
Advanced threat detection
Lateral movement detection
Alert prioritization
Threat intelligence
Key Benefits
01.
Earlier detection and containment of attacks, with rapid response to phishing and business email compromise tactics.
02.
Threat intelligence enrichment detects threats within Mimecast events.
03.
Improve analysis and knowledge of threats through built in dashboards and Mimecast regional threat intelligence.
04.
Correlation across Mimecast events, cloud, endpoint, and network data to quickly identify high-risk individuals and devices that may create future security breaches.
05.
Shared intelligence identities the original threats and targets.