Configure the Mimecast API 2.0 data connector.
Overview
Adding the Mimecast data connector in Radiant Security gives your organization visibility into phishing links accessed from unmanaged devices. With this data, Radiant Security can detect impacted users who have clicked malicious links from their personal devices, arming you with deeper investigations and surfacing the full scope of an incident.
Additionally, users can complete one-click containment and remediation tasks on security incidents. Supported automated tasks include:
- Block Sender
- Block URLs
To do this, you’ll need to complete the following steps:
- Create the custom role
- Configure the Mimecast API
- Add the data connector in Radiant Security
- Add the action connector in Radiant Security
At the end of this configuration, you will provide Radiant Security with these values:
- Client ID
- Client Secret
Prerequisites
The designated administrator must be assigned a Role with the following criteria:
- Read and Edit API Application Permissions under the Service Menu
- Security Permissions setting must permit the Management of Application Roles
Create the custom role
- Log in to your Mimecast console as an administrator.
- In the menu, click Account, then select Roles.
- Click New Role, set the Name and Description as Radiant Security API 2.0.
- On Security Permissions, select Cannot Manage Roles.
- On Application Permissions, leave the following settings enabled:
- Account Menu | Logs | Read
- Gateway Menu | Policies | All
- Gateway Menu | Managed Senders | All
- Services Menu | URL Protection | All
- Directories | Groups | All
- Monitoring Menu | URL Protection | All
- Directories Menu | Managed Senders | All (in case it exists on the UI)
- Click Save and Exit.
Important note: Be sure to document and store the Client ID and Client Secret carefully, as they cannot be retrieved later. Also, remember to label which is which, as these will need to be provided to Radiant Security later.
Add the data connector in Radiant Security
- Log in to Radiant Security.
- From the navigation menu, select Settings > Data Connector and click + Add Connector.
- Select the Mimecast vendor from the list and click Data Feeds.
- Under Select your data feeds, select the URL Protection click Credentials.
- Under Credential Name, give the credential an identifiable name (e.g.
Mimecast Credentials
) - Under Required Credentials, add the Client ID and the Client Secret Token that you copied from the previous section.
- Click Add Connector to save the changes.
Add the action connector in Radiant Security
- From the navigation menu, select Settings > Action Connectors and click + Add Connector to create a new action connector.
- Select the Mimecast API 2.0 Connector and click Credentials.
- Select the credential for the data connector that you created previously from the drop-down menu and click Add Connector to save your changes.
We value your opinion. Did you find this article helpful? Share your thoughts by clicking here or reach to our Product and Customer Success teams at support@radiantsecurity.ai
Last updated: 2024-08-23