Sumo Logic Cloud SOAR | Mimecast Tech Partners

Coordinated, Automated and Efficient Incident Response

By integrating Mimecast and Sumo Logic, organizations gain search and correlation capabilities to detect and respond to cyberattacks from a central location - No needless pivoting between consoles. Sumo Logic combines infrastructure orchestration, playbook automation, case management and integrated threat intelligence to streamline processes and tools.

Developer: Sumo Logic

Contact: Sumo Logic Support

Documentation: View

Release Date: August 2021

Version: 1.0

Talk to a Specialist

Get Started

Solution Overview

1. As inbound emails are received by Mimecast on behalf of the organization, they are subject to analysis by the Mimecast inspection funnel, where a series of email hygiene and advanced security scanning techniques are applied, to ensure that emails are safe before they are delivered to the recipient.

2. Email related data from Mimecast ingested into the Sumo Logic SOAR platform to help with analyst investigations.

3. Coordinate response actions across security tools based on Mimecast data.

4. Adjust Mimecast policies, search and destroy malicious emails, or prevent future threats.

Complex Email Threat Investigation

Develop playbooks to quickly pull together contextual data around an email threat discovered in Mimecast and coordinate next step actions to remediate or flag for further investigation.

Automated Email Threat Enrichment

Orchestrate and automate a variety of critical but repeatable Mimecast commands during an incident response to improve response times.

Complex Email Threat Investigation

Analysts gain greater visibility and new actionable information about the attack through integrated Mimecast commands, with documentation per step and artifact reporting.