Skip to main content

Cyren Inbox Security

This Integration is part of the Cyren Inbox Security Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Cyren Inbox Security is an innovative solution that safeguards Office 365 mailboxes in your organization against evasive phishing, business email compromise (BEC), and fraud. This integration imports incidents from Cyren Inbox Security into XSOAR, and includes a playbook for incident resolution. This integration was integrated and tested with version 1.0 of Cyren Inbox Security

Configure Cyren Inbox Security on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for Cyren Inbox Security.

  3. Click Add instance to create and configure a new integration instance.

    Server URLThe endpoint provided by your Cyren Representative. (use "sample" to test)True
    Client IDThe client iD provided by your Cyren Representative. (use "sample" to test)True
    Client SecretThe client secret provided by your Cyren Representative. (use "sample" to test)True
    First fetch time1 day, 2 days, etc...False
    Maximum number of incidents per fetchFalse
    Incident typeFalse
    Fetch incidentsFalse
  4. Click Test to validate the URLs, token, and connection.


You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.


resolve a case and remediate incidents

Base Command#



Argument NameDescriptionRequired
case_idcase ID.Required
resolutionresolution. Possible values are: phishing, malware, clean, other.Optional
resolution_reasonthe reason of the resolution. Possible values are: Identified phishing URL, Identified suspicious sender, Other, Scam, Spam.Optional
resolution_reason_textfree text for resolution reason.Optional
actionsremediation actions to perform. Possible values are: MOVE_TO_SPAM, MOVE_TO_DELETED, ADD_BANNER, SOFT_DELETE, MOVE_TO_INBOX, REMOVE_BANNER.Optional

Context Output#

PathTypeDescription of actions performed

Command Example#

!cyren-resolve-and-remediate resolution=phishing resolution_reason="Identified suspicious sender" case_id="62877980-6ac7-4944-b3fa-62ddf628a0fe" resolution_reason_text="I think it is phishing" actions=ADD_BANNER,MOVE_TO_DELETED

Context Example#

"Cyren": {
"data": {
"status": "ok"

Human Readable Output#

cyren-resolve-and-remediate results#


end of results


resets integration to fetch a sample incident

Base Command#



Argument NameDescriptionRequired

Context Output#

There is no context output for this command.

Command Example#


Human Readable Output#

A sample incident will be created on the next execution of system fetch-incidents command