Managing abuse inboxes and phishing response across an enterprise is often a complex and manual operation. In this multi-part video series, we provide detailed, step-by-step instructions on using the Tines Advanced Security Automation Platform to automate the entire process end-to-end, resulting in a more efficient and effective response.
Part 1 of the series covers:
1) Reading emails from an IMAP server
2) Extracting all URLs from the body of emails
3) Checking status of URLs in Virustotal
4) Using VT analysis to decide if the URL represents a threat
5) Contacting the victim with the results of our analysis
Resources:
Tines free Community Edition
VirusTotal API
OneLogin Developer account
Download and import the Part 1 story file (right-click -> save as): phishing-response-abuse-inbox-management-part-1.
*Please note we recently updated our terminology. Our "agents" are now known as "Actions," but some visuals might not reflect this.*