Skip to main content

Mimecast integration

Mark Glinski
  • Updated

    Use the Mimecast integration with SecurityScorecard to increase your visibility into email-based threats.

    Meet Mimecast

    Mimecast is a cloud-based, SaaS company that develops cyber-resilience solutions for email. Their Targeted Threat Protection (TTP) service protects organizations from email phishing, impersonation, and malware by live-scanning every email and replacing any external link, contact, or attachment with a safe link.

    The Mimecast integration with SecurityScorecard leverages the TTP service to detect email-related incidents in your domain and provides a tally of these incidents in a private, informational signal:

    Daily Number of Targeted Threat Protection (TTP) Incidents

    Each finding for this signal represents the total number of times TTP triggered on a given day. An increased finding count over your organization’s baseline may indicate exposure to heightened phishing or malware activity or a targeted campaign.

    This daily, informational signal appears with other issue types, but is only visible to the account of the SecurityScorecard user who installs the integration. It also has no impact on your Scorecard score.

    What you need for the integration

    Make sure you have the following before you start setting up the integration:

    • A SecurityScorecard account
    • A Mimecast administrative account or access to a Mimecast administrator

    Set up the integration

    Take the following steps integrate Mimecast with SecurityScorecard:

    Step 1: Prepare your Mimecast service account

    1. In Mimecast click the Directories tab, and select Internal Directories

      mimecast-directories.png

    2. In Internal Directories, select the domain where your service account will be created. Then click New Address.

      mimecast-select-domain.png

    3. When you are redirected to a form for setting up your service account, create a password, provide any other necessary information, and click Save

      mimecast-password-setup.png

    Step 2: Create a SecurityScorecard API integration

    1. In Mimecast, click the Services tab, and select API and Platform Integrations.
      Note: Only Mimecast API 1.0 will work at this time. Do not use API 2.
      mimecast-services-api.png

    2. Click Application Integrations, and then click Add API Application.

      mimecast-api-application.png

    3. In the Details form, enter information as indicated in the following screenshot.

      mimecast-api-integration-details.png

    4. Go to the Settings form, enter SecurityScorecard as the developer, and provide an email address. 

      mimecast-api-integration-developer.png
      Note: Wait 30 minutes before creating your keys in the next step.
    5. On the Summary page, click Create Keys.

      mimecast-integration-summary.png

    6. On the Account page, enter the email address for the account you created in Step 4.

      mimecast-keys-email.png

    7. On the Authentication page enter the Mimecast service account password.

      mimecast-keys-account.png

    8. On the Keys page, copy and safely store your keys, which you will need when you install the Mimecast integration in SecurityScorecard. 

      mimecast-keys-keys.png

     

    Step 3: Add your Mimecast service account to Basic Administrator role

    1. In Mimecast, click the Account tab, and select Roles.

      mimecast-account-role.png

    2. Select the Basic Administrator row.

      mimecast-role-basic-admin.png

    3. Click Add User to Role.

      mimecast-add-user-to-role.png

    4. When you are redirected to the next page, select your Mimecast service account, and confirm your selection.

    Step 4: Add your Scorecard domain to Mimecast’s internal domain list

    Follow Mimecast’s guidance for configuring internal domains and subdomains.

    Step 5: Install the Mimecast integration

    1. Select Marketplace from the top menu in the SecurityScorecard platform.

      marketplace-off-dashboard.png
    2. On the Marketplace page, start typing Mimecast in the search box and then select Mimecast to go to the installation page.

      mimecast-marketplace.png

    3. View a description of the app, and click Install.

      mimecast-install.png

    4. When prompted, allow Mimecast to access your SecurityScorecard account.

      mimecast-access.png

    5. When prompted, enter your Mimecast bot integration keys and related information that you generated when creating your SecurityScorecard API integration.

      mimecast-enter-keys.png

    The installation completes with a success message.

    If the installation fails, do the following to troubleshoot and try again:

    • Make sure the credentials and keys you entered were correct.
    • Make sure you have added the domain of your Scorecard to the Mimecast internal domain list. 

    View Mimecast TTP signals in your Scorecard

    Note: The integration generates new findings at a specific time each day, so you will see Mimecast signals within within 24 hours  of completing the installation, if not immediately afterward. 
    1. In the SecurityScorecard platform, click the Scorecard tab, and select the Information Leak factor. Any available Mimecast TTP signals appear in the Informational Signals section for that factor.

      mimecast-factor.png

      or

      Click the Issues tab in the Scorecard. Any available Mimecast signal appears with their logo in the Informational rows of the table.

      mimecast-issues.png

    2. Click the signal to see a description of the signal and reference links for additional information or guidance.

      mimecast-detail.png

    3. Scroll down to see the number of findings.

      mimecast-findings.png

     

    Learn more

    See Mimecast's email threat protection page

    Give feedback or get help 

    If you need help, have questions, or would like to give feedback about this integration, submit a Support request.




    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.