mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-05 23:38:57 +03:00
36 lines
1.3 KiB
Markdown
36 lines
1.3 KiB
Markdown
# Mimecast Targeted Threat Protection Deployment Template
|
|
|
|
## TTP Policy Configuration
|
|
| Module | Status | Mode | Scope |
|
|
|---|---|---|---|
|
|
| URL Protect | | Rewrite + Pre-delivery Hold | All inbound |
|
|
| Attachment Protect | | Dynamic sandbox | All inbound |
|
|
| Impersonation Protect (Default) | | Hit 3 | All inbound |
|
|
| Impersonation Protect (VIP) | | Hit 1 | VIP senders |
|
|
| Internal Email Protect | | URL + Attachment scan | Journaled |
|
|
|
|
## VIP List for Impersonation Protect
|
|
| Name | Title | Email | Domain |
|
|
|---|---|---|---|
|
|
| | CEO | | |
|
|
| | CFO | | |
|
|
| | CTO | | |
|
|
| | VP Finance | | |
|
|
| | General Counsel | | |
|
|
|
|
## Deployment Phases
|
|
- [ ] Phase 1: Configure URL Protect (pilot group)
|
|
- [ ] Phase 2: Configure Attachment Protect (pilot group)
|
|
- [ ] Phase 3: Configure Impersonation Protect with VIP list
|
|
- [ ] Phase 4: Enable Internal Email Protect via journaling
|
|
- [ ] Phase 5: Roll out to all users
|
|
- [ ] Phase 6: Tune policies based on false positive feedback
|
|
|
|
## Validation Checklist
|
|
- [ ] URL Protect rewrites links in test email
|
|
- [ ] URL Pre-delivery Hold stops weaponized link
|
|
- [ ] Attachment Protect sandboxes EICAR test file
|
|
- [ ] Impersonation Protect flags test BEC email
|
|
- [ ] Internal Email Protect detects test internal phishing
|
|
- [ ] Threat Dashboard shows detection metrics
|