Securonix

Developed by Securonix

Enhance log management and threat remediation

The Securonix platform can ingest Mimecast logs, along with other log sources, to obtain complete visibility across on-prem and cloud environments. The integration ingests audit events, alerts or emails that trigger a DLP or Content Examination policy, inbound and outbound messages, malicious attacks at the customer and regional level, and TTP impersonations and URL logs. Together, Mimecast and Securonix share high-fidelity indicators to help analysts quickly and accurately identify the root cause of an attack and remediate the threat. 

Solution overview

1. Emails received by Mimecast are passed through a series of hygiene scanning techniques to ensure that they are safe before delivery to the recipient.

2. Email intelligence provided by Mimecast is sent to Securonix for normalization.

3. Securonix uses the email intelligence to alert analysts and add context to data from other data sources.

Mimecast + Securonix use cases:

Ingested Mimecast data adds context within Securonix to aid:


Threat correlation

Identify initial attack deployment methodology, characteristics and subsequent access attempts without manual effort or multiple toolsets.

Advanced threat detection

Improve your organization's security posture and detect threats by augmenting email perimeter defense with user and entity behavior analytics.

Lateral movement detection

Detect and follow attackers even as they switch IP addresses, devices, or credentials.

Alert prioritization

Increase efficiency and effectiveness by prioritizing the most pressing threats.

Threat intelligence

Understand and block attacks at all levels of your organization, as well as analyze events across the attack chain to enhance productivity and remediate vulnerabilities.

Key Benefits

01. Earlier detection and containment of attacks, with rapid response to phishing and business email compromise tactics.

02. Threat intelligence enrichment detects threats within Mimecast events.

03. Improve analysis and knowledge of threats through built-in dashboards and Mimecast regional threat intelligence.

04. Correlation across Mimecast events, cloud, endpoint, and network data to quickly identify high-risk individuals and devices that may create future security breaches.

05. Shared intelligence identifies the original threats and targets.
