Threat Investigations can correlate information from Endpoint
Sensor, Cloud App Security, and Active Directory to display attack information about
an endpoint,
user account, and possible email attack vectors throughout your network.
 |
NoteYou must properly configure Cloud App Security before being able to
correlate email message information.
|
The Email Message pane
displays information about selected email messages associated with the Analysis Chain
and
provides further details about users within your organization.
The following table highlights some of the correlated data.
|
Data
|
Description
|
|
Recipients
|
Click to display a list of all of the recipients that
received the email message
|
|
Attachments
|
Click to displays a list of all files attached to the email
message
|
|
Embedded URLs
|
Click to displays a list of all URLs embedded in the email
body
|