From the submitter: Instead of trashing message groups from Sublime Security based on an individual detection rule, this workflow uses specific criteria to decide on a message group (e.g., AI threat score, count/severity of rules matched, message groups from sender have been trashed before). This workflow is meant to significantly reduce the amount of manual triage required within the Sublime console while only trashing high-fidelity phishing and spam.
Andrew Katz at Jamf
How it works
Import this story to your tenant, from where you can adapt it to meet your unique needs.
Import