Mimecast introduced its Threat Intelligence which offers customers a deeper understanding of the cyber threats their organizations face. The new features are designed to give organizations access to threat data and analytics specific to their overall organization, offering a more granular view of the attacks Mimecast has blocked. The Mimecast Threat Intelligence dashboard highlights end-users who are most at-risk, malware detections, malware origin by geo-location, Indicators of Compromise (IoCs) and malware forensics based on static and behavioral analysis This offers customers a community-based, tailored threat intelligence that is specific to their organization. The data is consolidated into a user-friendly view and is also available for integration into an organization’s security ecosystem through the Threat Feed API. This targeted threat intelligence provides greater visibility and insight to security professionals, enabling them to more easily respond and remediate against threats and malicious files.
The cybersecurity landscape changes daily, and attackers are constantly changing their techniques to avoid detection. According to Mimecast’s recent The State of Email Security Report 2019, 94 percent of organizations saw phishing attacks in the last 12 months and 61 percent said it was likely or inevitable that they would be hit with an email-borne attack. IT and security teams are often overwhelmed by the volume of information they need to track and if the intelligence they need to proactively defend their organization is buried, their defense becomes less effective.
“The cyberthreat landscape is dynamic, complex and driven by a relentless community of adversaries. IT and security teams need threat intelligence that is easy to digest and actionable, so they can better leverage the information to proactively prevent and defend against cyberattacks,” said Josh Douglas, vice president of threat intelligence at Mimecast. “Mimecast sees a lot of data, as we process more than 300 million emails every day to help customers block hundreds of thousands of malicious emails. Mimecast Threat Intelligence helps organizations get the deep insights they need to build a more cyber resilient environment.”
Mimecast Threat Intelligence consists of a Threat Dashboard, Threat Remediation and Threat Feed with Threat Intelligence APIs that each deliver a range of capabilities including:
- A dashboard that is designed to present information specific to each customer in a user-friendly view that gives them greater visibility and control over their security environment. The dashboard highlights end-users who are most at-risk, malware detections, malware origin by geo-location, IoCs and malware forensics based on static and behavioral analysis.
- Threat Remediation that can be accessed directly through the Mimecast Administration Console, removing messages that contain malicious content from view, and restoring messages when necessary.
- The Mimecast Threat Feed which is delivered through the threat intelligence API and threat remediation API providing organizations the ability to deliver threat intelligence directly into their broader security eco-system, including SIEMs, SOARs, next-generation firewalls, and end-point protection. Threat Intelligence APIs also help to identify and counter potential attacks and offer up remediation capabilities through the same portal by providing aggregated threat data across 35,000 Mimecast accounts, so that each individual customer can benchmark themselves against a range of company types in their geographic region, thereby offering a clearer view of threats.
The Mimecast Threat Dashboard and Threat Feed are value-added capabilities for customers with Mimecast’s Secure Email Gateway. Threat Remediation is available to customers who also have Mimecast Internal Email Protect.