Coordinated, Automated and Efficient Incident Response
By integrating Mimecast and Torq, organizations gain search and correlation capabilities to detect and respond to cyberattacks from a central location. No needless pivoting between consoles. Torq combines infrastructure orchestration, playbook automation, case management and integrated threat intelligence to streamline processes and tools.
Solution overview
- As inbound emails are received by Mimecast on behalf of the organization, they are subject to analysis by the Mimecast inspection funnel, where a series of email hygiene and advanced security scanning techniques are applied, to ensure that emails are safe before they are delivered to the recipient.
- Email related data from Mimecast ingested into the Torq SOAR platform to help with analyst investigations.
- Coordinate response actions across security tools based on Mimecast data.
- Adjust Mimecast policies, search and destroy malicious emails, or prevent future threats.
Mimecast + Torq use cases
Attachment and URL Analysis
Scan email attachments and URLs with multiple sandboxing technologies for malware or suspicious content, including sandboxing attachments, scanning URLs for known bad domains, and taking appropriate actions based on the analysis.
Compromised Account Response
Analyze cloud-based behaviors associated with phishing attacks, disable compromised credentials automatically, and expedite the reset process for compromised credentials alerting the users.
Key benefits
01.
Automate email security processes, shorten decision making cycle, and drive resource efficiency through automation.
02.
Enrich intelligence from Mimecast and other security tools for coordinated response.
03.
Achieve full orchestration capabilities using proactive playbooks and workflows.