Version: Gateway Anti-Spam Appliance
SpamTitan Gateway is a high-performance mail filtering security suite that provides the necessary email infrastructure to meet the needs of the most demanding enterprises. SpamTitan combines a hardened operating system and an assortment of software applications and services to produce a mail firewall appliance that eliminates spam and viruses and enforces corporate email policy.
Netsurion Open XDR helps to monitor events from SpamTitan Gateway. Its dashboards, alerts, and reports help you find detailed information on all events. Alerts help determine and stop attacks and suspicious activities in real time, and dashboards help analyse all security-related events in a single console. Malware and spam related to the Covid-19 pandemic are on the rise globally. Spam is unsolicited email sent in bulk to unsuspecting users for commercial or malicious purposes.
Netsurion Open XDR enhances investigations by analyzing SpamTitan Gateway's events and information flow data both in real time and on a historical basis. Using the Netsurion Open XDR alerts component, we can create and tune alerts/alarms for critical events such as a detected virus, which allows analysts to focus more on remediation and response efforts.
Spam is frequently used to deliver malware, and ransomware is most commonly delivered via spam. Using this KP, we can monitor ongoing events related to spam and virus detection, which helps our analysts create a policy or runbook to determine and stop the attack.
Using this integration, we get a deeper understanding of the mail traffic running through SpamTitan Gateway. It provides a granular understanding of each mail's recipient and sender, source and destination IP addresses, domain names, and the action taken on the mail. We can find out why a mail was not delivered, and we can use the suspicious domain or IP address to create a spam blacklist.
Using Netsurion Open XDR reports, we can audit sensitive data to see who did what, when, where, and how, to satisfy audits for multiple industry regulatory requirements.
Netsurion Data Source Integration for SpamTitan Gateway allows you to monitor the following components:
- Security – Virus detected, Spam email events, Infected emails.
- Operation – Passed Emails, Noqueue email events.
- Compliance – Mail Sender-Recipient details.
Once SpamTitan Gateway is configured to deliver events to Netsurion Open XDR, alerts, dashboards, and reports can be configured in Netsurion Open XDR.
The following are the key Data Source Integrations available in Netsurion Open XDR.
|Category|Alert / Report|Description|
|---|---|---|
|Security|SpamTitan Gateway – Virus detected in Infected mails|This alert is triggered when a virus or malware is detected in the mail.|
|Security|SpamTitan Gateway – Mail with Coronavirus/Covid-19 subject|This alert is triggered when the mail subject contains details of Coronavirus or Covid-19.|
|Security|SpamTitan Gateway – Infected Emails with Virus|This report gives information regarding virus detection in the mail. The report contains the source IP address, sender-recipient emails, size, action taken on the mail, and other useful information for drilling down into incidents during further analysis.|
|Operations|SpamTitan Gateway – Spam Emails|This report gives information about the spam email detected in SpamTitan Gateway. The report contains the sender-recipient email addresses, source IP address, protocol, size, the action taken on the mail, reason, and other details that can be used for further investigation.|
|Compliance|SpamTitan Gateway – Passed Emails|This report gives information about the passed emails in SpamTitan Gateway. The report contains the source IP address, sender-recipient email address details, and other useful information.|
|Compliance|SpamTitan Gateway – Noqueue Email|This report gives information about the Noqueue emails in SpamTitan Gateway. The report contains the source IP address, sender-recipient email address details, and other useful information for a deeper understanding of the event.|
The configuration details are consistent with Netsurion Open XDR 9.2 or later, and SpamTitan Gateway.