Netskope Help

Validate the Mimecast Plugin

In order to validate the workflow you must have Netskope Alerts and/or Mimecast attributes/indicators. Polling Intervals are defined during plugin configuration.

  1. Go to Threat Exchange and select Threat IoCs.

    image26.png
  2. In your Netskope tenant, go to Policies and select File > Your Custom File Profile, and then click File Hash.

    image27.png

    Note

    The indicators shared with Mimecast won’t be displayed on the Mimecast console. However, based on the Operation Type selected in your Mimecast configuration, the messages/emails matching the pushed file hashes will be either Allowed, Blocked, or Deleted.

  3. If data is not being brokered between the platforms, you can look at the audit logs in Threat Exchange. In Threat Exchange, select Logging, and then look through the logs for errors.

    image28.png