SentinelOne

Developed by SentinelOne

Unify Endpoint and Email

Mimecast and SentinelOne provide an integrated solution to stop threats, provide security insights and streamline response across the organization. By integrating Mimecast with SentinelOne, SecOps teams can standardize their incident response processes and reduce the time it takes to detect attack campaigns and apply security measures to contain and remediate them. The integration supports cross-domain detections by drawing on identity, endpoint, application, email, and other tools to build a complete understanding of the threat. By sharing intelligence between email and endpoint security solutions, analysts gain visibility and context into threats that would not be addressed in a typical siloed security approach.

Solution Overview

1. Centralized threat hunting and dashboarding with XDR feed threat enrichment from managed endpoint devices.

2. Mimecast telemetry, which includes audit, alert, and TTP event logs and related emails or alerts, is fed into the Singularity platform.

3. Response actions within the Singularity platform suspend suspicious Mimecast users.

4. Prevent the delivery of supply chain attacks or data leaks via email.

Mimecast + SentinelOne Use Cases:

Rapidly respond to threats across endpoints and email for a holistic approach to triage, investigation, and incident response:

Operationalize Security Data for Threat Hunting and Investigation

Ingest logs from Mimecast into Singularity for centralized email threat visibility, threat hunting capabilities, dashboarding, and cross-telemetry alerting. Analysts can obtain better visibility into potential threats and take appropriate action to mitigate risks.

Accelerate Triage with Added Context

Customers can accelerate incident triage and investigation by enriching threats in SentinelOne Singularity with contextually related emails or alerts from Mimecast. These related emails and alerts appear in the XDR feed, enabling analysts to make decisions about the threat and take appropriate action quickly.

Key Benefits

01. Increase efficiency of incident triage and investigation.

02. Expand visibility into endpoint and email activity.

03. Reduce dwell time of insider threats with adaptive policy-based management.

04. Reduce attack surface by integrating leading endpoint and email platforms.
