Email Watchlist


The Email Watchlist detector collects and normalizes email events from third-party data sources. Each event is converted into an alert and assigned a severity and confidence based on the activity observed. The following integrations are currently handled by the Email Watchlist detector:

Examples of threat actor techniques using email as an attack vector include:

Email Watchlist Detector

Input(s)

Proofpoint, Mimecast

Schema

email

Input Field(s)

Field
sensor_type
status
threats.classification

Outputs

Alerts pushed to the Secureworks® Taegis™ XDR Alert Database and XDR Dashboard.

MITRE ATT&CK Category

Configuration Options

None

Detector Requirements

 
