Hi!
Is it possible to create cases in SecOps based on emails received in O365?
Any experiences?
Question
Create cases in SecOps based on received emails
+3
+12Yes, use the connector from the Microsoft Graph Mail integration - https://docs.cloud.google.com/chronicle/docs/soar/marketplace-integrations/microsoft-graph-mail#microsoft_graph_mail_connector. I have seen a few uses of the connector to monitor and ingest alerts from mailboxes used for forwarding security incidents and phishing emails.
+3Yes, use the connector from the Microsoft Graph Mail integration - https://docs.cloud.google.com/chronicle/docs/soar/marketplace-integrations/microsoft-graph-mail#microsoft_graph_mail_connector. I have seen a few uses of the connector to monitor and ingest alerts from mailboxes used for forwarding security incidents and phishing emails.
Seems to work fine! But are you able to append additional replys / email thread to the same case?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.