Use the Agari Phishing Defense integration to retrieve Policy Events as Incidents, retrieve messages and remediate suspected messages.
Agari Phishing Defense (APD) stops phishing, BEC, and other identity deception attacks that trick employees into harming your business. APD prevents threats from reaching employee inboxes by scoring every message flowing into and within the organization to defend against these low-volume, highly-targeted identity deception-based attacks.
This Agari Phishing Defense content pack contains an APD integration that provides customers with a granular level of visibility into email threats and the ability to orchestrate protection processes and safeguard infrastructure from within Cortex XSOAR. The Agari Phishing Defense playbook enables gathering policy events and associated messages from APD, enriching data using Cortex XSOAR built-in sub-playbooks, and performing remediation.
What does this pack do?
- The playbooks included in this pack help you by providing a consolidated view of all security incidents that saves time and keeps your email security in check.
- Imports policy events and corresponding message metadata from Agari Phishing Defense.
- Does email enrichment (IP, domain, URL, attachment, email address, etc.)
- Does email authenticity check
- Does remediation if malicious
_For more information, visit (https://www.agari.com/email-security-blog/integration-cortex-xsoar/)_
Agari Phishing Defense (APD) stops phishing, BEC, and other identity deception attacks that trick employees into harming your business. APD prevents threats from reaching employee inboxes by scoring every message flowing into and within the organization to defend against these low-volume, highly-targeted identity deception-based attacks.
This Agari Phishing Defense content pack contains an APD integration that provides customers with a granular level of visibility into email threats and the ability to orchestrate protection processes and safeguard infrastructure from within Cortex XSIAM. The Agari Phishing Defense playbook enables gathering policy events and associated messages from APD, enriching data using Cortex XSIAM built-in sub-playbooks, and performing remediation.
What does this pack do?
- The playbooks included in this pack help you by providing a consolidated view of all security incidents that saves time and keeps your email security in check.
- Imports policy events and corresponding message metadata from Agari Phishing Defense.
- Does email enrichment (IP, domain, URL, attachment, email address, etc.)
- Does email authenticity check
- Does remediation if malicious
_For more information, visit (https://www.agari.com/email-security-blog/integration-cortex-xsoar/)_
