Common archive file extensions, which can be used to deliver malicious files.
File extensions of macro-supported documents, such as Microsoft Office files. Also includes file types that can load macros indirectly, e.g. via remote template injection.
Free email providers
Free file hosts
Free subdomain hosts
Top 1 million domains with the most referring subnets
Suspicious top level domains
URL shorteners
Message Groups: API to analyze, hunt and control groups of messages
Messages: API to analyze and CRUD emails (and associated data e.g. attachments)
A webhook Action sends a notification to a URL of your choosing when one or more Rules with the Action flag an email message. The HTTP notification includes information about the message, the mailbox, the flagged Rules, and any triggered Actions, so you can set up an unlimited variety of integrations in response to flagged message events.
Here is some of what you can do with webhooks:
Send Flagged Message events to your SIEM for analytics or to correlate with events from other tools, such as your EDR
Send Flagged Message events to your SOAR, to trigger sophisticated DFIR workflows that are today only used on reported phish
User stories:
The Sublime platform API has multiple abstractions:
$org_domains and $org_display_names
$recipient_domains: domains anyone in the org has sent (to, cc, bcc) an email to
$recipient_emails: emails anyone in the org has sent to
$sender_domains: domains anyone in the org has received an email from
$sender_emails: emails anyone in the org has received an email from
Also Webhooks
MQL notes
Implementation details
Tests
respx as opposed to testing in a live environment