Automating abuse inbox management and phishing response (Part 1)

Published on

Written by Eoin Hinchy

Managing abuse inboxes and phishing response across an enterprise is often a complex and manual operation. In this multi-part video series, we provide detailed, step-by-step instructions on using the Tines Advanced Security Automation Platform to automate the entire process end-to-end, resulting in a more efficient and effective response.

Part 1 of the series covers:
1) Reading emails from an IMAP server
2) Extracting all URLs from the body of emails
3) Checking status of URLs in Virustotal
4) Using VT analysis to decide if the URL represents a threat
5) Contacting the victim with the results of our analysis

Resources:
Tines free Community Edition
VirusTotal API
OneLogin Developer account

Download and import the Part 1 story file (right-click -> save as): phishing-response-abuse-inbox-management-part-1.

*Please note we recently updated our terminology. Our "agents" are now known as "Actions," but some visuals might not reflect this.*

No-code
automation
for
security teams

Get started