Service Update
| Availability | January 22nd, 2025 |
| Product(s) | Email Security Cloud Gateway (CG) |
| Who's affected | Email Security Cloud Gateway, Administrators |
Overview
Mimecast is pleased to announce that we will be enhancing the logic used when reading the scan events to share the malicious destination URL when it differs from the source URL.
What's changing
Mimecast's Threat-sharing integrations can share malicious URLs with our partners' platforms, improving overall security in a connected ecosystem. In a few previous scenarios', the URL shared with partners could have been a legitimate upstream URL, but a nested URL was the malicious destination.
Impact
This should lead to fewer false-positive alerts in our partner platforms, where services such as Google Docs were previously shared as a malicious domain.
What’s Impacted
This change will be applied to all of our Threat-sharing integrations, where URL sharing is currently enabled.
This includes:
- CrowdStrike Threat Share.
- ZScaler Threat Share.
- Microsoft Defender for Endpoint Threat Share.
Recommended actions
If you have URL sharing enabled today, you do not need to take any action. You should notice a reduction in false positives where you have previously experienced them. If you previously disabled URL sharing due to false positives, we encourage that you re-evaluate this feature for improved protection in partner platforms.
Comments
Please sign in to leave a comment.