Mimecast API 2.0

Configure the Mimecast API 2.0 data connector.

Overview

Adding the Mimecast data connector in Radiant Security gives your organization visibility into phishing links accessed from unmanaged devices. With this data, Radiant Security can detect impacted users who have clicked malicious links from their personal devices, arming you with deeper investigations and surfacing the full scope of an incident.

Additionally, users can complete one-click containment and remediation tasks on security incidents. Supported automated tasks include:

• Block Sender
• Block URLs

To do this, you’ll need to complete the following steps:

• Create the custom role
• Configure the Mimecast API
• Add the data connector in Radiant Security
• Add the action connector in Radiant Security

At the end of this configuration, you will provide Radiant Security with these values:

• Client ID
• Client Secret

Prerequisites

The designated administrator must be assigned a Role with the following criteria:

• Read and Edit API Application Permissions under the Service Menu
• Security Permissions setting must permit the Management of Application Roles

Create the custom role

1. Log in to your Mimecast console as an administrator.
2. In the menu, click Account, then select Roles.
3. Click New Role, set the Name and Description as Radiant Security API 2.0.
4. On Security Permissions, select Cannot Manage Roles.
5. On Application Permissions, leave the following settings enabled:
   • Account Menu | Logs | Read
   • Gateway Menu | Policies | All
   • Gateway Menu | Managed Senders | All
   • Services Menu | URL Protection | All
   • Directories | Groups | All
   • Monitoring Menu | URL Protection | All
   • Directories Menu | Managed Senders | All (in case it exists on the UI)
6. Click Save and Exit.

Configure the Mimecast API
1.   Log in to your Mimecast console as an administrator.
2.   In the administration menu, click Services, then select API and Platform Integrations.
3.   Under Mimecast API 2.0, click Generate Keys.
4.   On Application Details, fill the form with the following values: Application Name: Radiant Security API 2.0 Category: Others Products: Select the following entries: Email Security Cloud Gateway Policy Management Threat Management Audit Events Security Events User and Group Management Application Role: Radiant Security API 2.0 Description: Radiant Security API 2.0 Connector
5.   Click Next.
6.   Fill in the following values: Technical Point of Contact: <internal user responsible for managing the integration> Email: <associated email of the technical point of contact>
7.   Click Next.
8.   Confirm the values in the summary.
9.   The wizard completes and displays a pop-up window including your Client ID and Client Secret, where you can copy and save the credentials for the API application.
10.   Copy the application values for: Client ID Client Secret

Add the data connector in Radiant Security

1. Log in to Radiant Security.
2. From the navigation menu, select Settings > Data Connector and click + Add Connector.
3. Select the Mimecast vendor from the list and click Data Feeds.
   
4. Under Select your data feeds, select the URL Protection click Credentials.
   
5. Under Credential Name, give the credential an identifiable name (e.g.Mimecast Credentials)
6. Under Required Credentials, add the Client ID and the Client Secret Token that you copied from the previous section.
7. Click Add Connector to save the changes.
   

Add the action connector in Radiant Security

1. From the navigation menu, select Settings > Action Connectors and click + Add Connector to create a new action connector.
2. Select the Mimecast API 2.0 Connector and click Credentials.
   
3. Select the credential for the data connector that you created previously from the drop-down menu and click Add Connector to save your changes.