Service Update

Overview

Mimecast is pleased to introduce the availability of the Microsoft Defender for Endpoint Threat Share Integration. This integration enables the sharing of malicious file hashes, URLs, and domains between your Mimecast and Microsoft Defender for Endpoint. When Mimecast’s Targeted Threat Protection inspects an email, threats identified as malicious attachments, phishing sending domains, and malicious URLs will result in action being taken on the email (depending on the transmission direction).

What's changing

• Administrators will see a new Integration Tile for Microsoft Defender for Endpoint Threat Share in the Integrations/Integrations Hub section of the Mimecast Administration Console.
• This integration also enables Mimecast to send telemetry to Microsoft’s Defender for Endpoint platform, helping to identify threats that arrive on an endpoint from another attack vector.
• In addition to sending telemetry to Microsoft’s Defender for Endpoint platform, Mimecast can receive telemetry from Defender for Endpoint threat share alerts and the IOC Management list. This telemetry can be used to block threats and remediate associated emails.

Recommended actions

Administrators should review the new integration tile in the Mimecast Administration Console and consider enabling the integration to enhance their threat protection capabilities. For more information, including links to setup documentation, visit Microsoft Defender Threat Share Integration and API & Integrations - Microsoft Defender for Endpoint Threat Share Integration.

See Also...

• API & Integrations - Microsoft Defender for Endpoint Threat Share Integration
• Microsoft Defender for Endpoint Threat Share