creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-13 14:44:58 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/implementing-email-sandboxing-with-proofpoint/references/standards.md
T

1.4 KiB
Raw Blame History

Standards & References: Email Sandboxing with Proofpoint

MITRE ATT&CK Coverage

  • T1566.001: Phishing: Spearphishing Attachment (primary detection)
  • T1566.002: Phishing: Spearphishing Link (URL Defense)
  • T1204.001/002: User Execution: Malicious Link/File
  • T1059: Command and Scripting Interpreter (macro detection)
  • T1027: Obfuscated Files or Information

NIST Guidelines

  • NIST SP 800-177: Trustworthy Email - attachment security
  • NIST SP 800-83 Rev.1: Guide to Malware Incident Prevention
  • NIST SP 800-53: SI-3 Malicious Code Protection, SI-8 Spam Protection

Proofpoint TAP API Endpoints

Endpoint Description
/v2/siem/all All threat events for SIEM
/v2/siem/messages/blocked Blocked message events
/v2/siem/messages/delivered Delivered message events with threats
/v2/siem/clicks/blocked Blocked URL click events
/v2/siem/clicks/permitted Permitted URL click events
/v2/people/vap Very Attacked People list
/v2/campaign/{id} Campaign details

Sandbox File Types

Category Extensions Action
Executables .exe, .dll, .scr, .com Detonate + Block
Office docs .doc(x/m), .xls(x/m), .ppt(x/m) Detonate
PDF .pdf Detonate
Archives .zip, .rar, .7z, .tar.gz Extract + Detonate
Scripts .js, .vbs, .ps1, .bat, .cmd Block
Disk images .iso, .img, .vhd Detonate
Reference in New Issue View Git Blame Copy Permalink