mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 14:14:56 +03:00
mukul975
c21af3347e
- Add scripts/agent.py and references/api-reference.md to all remaining skills - Update all 648 LICENSE files: copyright now reads 'Mahipal' - Add implementing-security-monitoring-with-datadog (new skill with full anatomy) - All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
51 lines
1.4 KiB
Markdown
51 lines
1.4 KiB
Markdown
# API Reference: Implementing Mimecast Targeted Attack Protection
|
|
|
|
## Mimecast API Authentication
|
|
|
|
```python
|
|
import requests
|
|
headers = {"Authorization": "MC access_key:secret_key",
|
|
"x-mc-app-id": "app-id"}
|
|
resp = requests.post("https://us-api.mimecast.com/api/ttp/url/get-logs",
|
|
headers=headers, json={"data": [{"from": "2024-01-01"}]})
|
|
```
|
|
|
|
## TTP API Endpoints
|
|
|
|
| Endpoint | Description |
|
|
|----------|-------------|
|
|
| `/api/ttp/url/get-logs` | URL Protection logs |
|
|
| `/api/ttp/attachment/get-logs` | Attachment sandbox logs |
|
|
| `/api/ttp/impersonation/get-logs` | Impersonation detections |
|
|
|
|
## URL Protection Actions
|
|
|
|
| Action | Description |
|
|
|--------|-------------|
|
|
| allow | URL permitted |
|
|
| block | URL blocked (malicious) |
|
|
| warn | User warned before click |
|
|
| sandbox | Deferred for sandbox analysis |
|
|
|
|
## Attachment Sandbox Results
|
|
|
|
| Result | Severity |
|
|
|--------|----------|
|
|
| safe | INFO |
|
|
| suspicious | MEDIUM |
|
|
| malicious | CRITICAL |
|
|
| sandbox_timeout | HIGH |
|
|
|
|
## Impersonation Types
|
|
|
|
| Type | Description |
|
|
|------|-------------|
|
|
| Internal | Employee name spoofing |
|
|
| External | Vendor/partner spoofing |
|
|
| Domain | Similar domain detection |
|
|
|
|
### References
|
|
|
|
- Mimecast API: https://developer.services.mimecast.com/
|
|
- TTP URL Protection: https://developer.services.mimecast.com/docs/threatsintel/1/routes/ttp/url/get-logs/post
|