Developed by Tines
Coordinated, Automated and Efficient Incident Response
Mimecast and Tines provide an integrated solution to improve detection, stop threats, augment security insights and centralize response across security functions. Together, Mimecast and Tines share high-fidelity indicators to help analysts quickly and accurately identify the root cause of an attack and remediate the threat. This helps SecOps teams guard against initial infection and lateral spread that can lead to downtime, ransom demands, lost data and stolen passwords.
The Tines platform ingests rich Mimecast information from URL Logs, held message queue and sender management for analyst investigation or automated Story-driven response – from a single interface.
- Automate email security processes, shorten the decision-making cycle, and drive resource efficiency through automation.
- Enrich intelligence from Mimecast and other security tools for coordinated response.
- Achieve full orchestration capabilities using proactive playbooks and workflows.
Incorporate email into investigations to see if the threat originated via email. Run playbooks for malware containment, phishing investigations, report on anything investigations. Investigate a suspicious URL with Mimecast, search user mailboxes for the URL, and, if found, automatically remove it.
The Tines form connected to this Story will take an email subject from a user, search through the held message queue and send a Slack message to an analyst for review. The Slack message will contain context provided from Mimecast to allow the security team to Release or Reject the email directly from Slack and communicate the verdict to the original user.
Hold Queue Management
Tines receives a form submission from a user and searches for held messages on Mimecast based on those details. Tines then sends a summary of the message details and spam scores to the user via Slack so they can review it and make a decision.
Search and Destroy