Mimecast - V2

Mimecast provides a mail management system designed to protect email, ensure access and simplify the tasks of managing email.

📘

Note

This adapter supports Mimecast API 2.0. If you are using Mimecast API 1.0 use the Mimecast - V1 adapter.

Use Cases the Adapter Solves

• Security Awareness and Phishing Campaign Tracking: Track user participation in phishing awareness campaigns, including email interactions, template exposure, and training metrics to improve security posture.
• User Email and Campaign Enrichment: Enrich internal user records with phishing awareness campaign data, email aliases, and message history for comprehensive user asset inventory.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Users

Data Retrieved through the Adapter

Users - Fields such as Username, Email Address, Real Email Address, Domain

Before You Begin

Required Ports

• 80, 443, or the port configured in Mimecast

Authentication Methods

The Mimecast V2 adapter uses OAuth 2.0 Client Credentials authentication:

• Client ID and Client Secret - OAuth credentials for accessing the Mimecast API 2.0

APIs

Axonius uses Mimecast API 2.0. The following endpoints are called:

• POST /api/oauth/token
• POST /api/user/get-internal-users
• POST /api/message-finder/search
• POST /api/awareness-training/phishing/campaign/get-campaign
• POST /api/awareness-training/phishing/campaign/get-user-data

Required Permissions

The Mimecast administrator account must have the following permissions:

• Directories | Internal | Read - Required to fetch internal users from the specified domain
• Awareness Training | Phishing Campaign | Read - Required to fetch campaign and user campaign data

Supported From Version

Supported from Axonius version 6.1

Connecting the Adapter in Axonius

Navigate to the Adapters page, search for Mimecast - V2, and click on the adapter tile.

Click Add Connection.

To connect the adapter in Axonius, provide the following parameters:

Required Parameters

1. Host Name or IP Address - The hostname or IP address of the Mimecast server. Select the Base URL that corresponds to your region. The default hostname should be: https://api.services.mimecast.com

2. Client ID - The OAuth Client ID for your Mimecast API integration.

3. Client Secret _ - The OAuth Client Secret for your Mimecast API integration.

4. Internal Domain - The name of the domain the client wants to get the internal users from.

Optional Parameters

1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

4. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

📘

Note

• Advanced settings can apply to either all connections of this adapter, or to a specific connection. For more detailed information, see Advanced Configuration for Adapters.
• For more general information about advanced settings, see Adapter Advanced Settings.

Enrich Users with Campaign Users - Select this option to fetch phishing awareness training campaign data for users, including campaign participation and engagement metrics from the Mimecast Awareness Training API

Enrich Users with Messages From - Select this option to fetch email messages sent FROM each user via the Mimecast Message Finder API and enriches user records with detailed message data including sender information, timestamps, delivery status, spam verdict, and attachment details. Disable this option to improve collection performance if message data is not needed.

Related Enforcement Actions

• Add MimecastV2 Group Members