Classifies FireEye Email Security Alerts as Phishing Alerts incident type.
FireEye Email Security (EX)
- Details
- Content
- Dependencies
- Version History
FireEye Email Security series protects against breaches caused by advanced email attacks.
Classifiers
| Name | Description |
|---|---|
FireEye Email Security - Phishing Alerts - Classifier | |
FireEye Email Security - Classifier | Classifies FireEye Email Security Alerts. |
Incident Types
| Name | Description |
|---|---|
FireEye EX Alert |
Integrations
| Name | Description |
|---|---|
| FireEye Email Security | FireEye Email Security (EX) series protects against breaches caused by advanced email attacks. |
Playbooks
| Name | Description |
|---|---|
| Block Domain - FireEye Email Security | This playbook blocks domains using FireEye Email Security. |
| Get Email From Email Gateway - FireEye | This playbook retrieves a specified EML/MSG file directly from FireEye Email Security or Central Management. |
Classifiers
| Name | Description |
|---|---|
FireEye Email Security - Phishing Alerts - Classifier | Classifies FireEye Email Security Alerts as Phishing Alerts incident type. |
FireEye Email Security - Classifier | Classifies FireEye Email Security Alerts. |
Incident Types
| Name | Description |
|---|---|
FireEye EX Alert |
Integrations
| Name | Description |
|---|---|
| FireEye Email Security | FireEye Email Security (EX) series protects against breaches caused by advanced email attacks. |
Playbooks
| Name | Description |
|---|---|
| Get Email From Email Gateway - FireEye | This playbook retrieves a specified EML/MSG file directly from FireEye Email Security or Central Management. |
| Block Domain - FireEye Email Security | This playbook blocks domains using FireEye Email Security. |
Required Content Packs (5)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
| FireEye Central Management | By: Cortex XSOAR |
| FireEye Common Fields | By: Cortex XSOAR |
Optional Content Packs (1)
| Pack Name | Pack By |
|---|---|
| PhishingAlerts | By: Cortex XSOAR |
All level dependencies (8)
| Pack Name | Pack By |
|---|---|
| Filters And Transformers | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
| Aggregated Scripts | By: Cortex XSOAR |
| FireEye Central Management | By: Cortex XSOAR |
| FireEye Network Security (NX) | By: Cortex XSOAR |
| Cortex REST API | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| FireEye Common Fields | By: Cortex XSOAR |
2.0.39 - 8429843 (April 23, 2026)
2.0.9 - R3994332 (November 8, 2022)
2.0.7 - 2674843 (March 30, 2022)
Integrations
FireEye Email Security
- Added type validations and other internal code improvements.
2.0.6 - 2387690 (February 9, 2022)
Integrations
FireEye Email Security
- Fixed an issue in the fetch incidents process where alerts were not fetched if they were created 48 hours or later than the last alert that was fetched
- Updated the Docker image to: demisto/python3:3.10.1.25933.
- Improved Error handling.
2.0.5 - 2369391 (February 6, 2022)
Integrations
FireEye Email Security
- Fixed an issue where the authorization token was not cached properly.
2.0.4 - R2146019 (December 21, 2021)
Classifiers
New: FireEye Email Security - Phishing Alerts - Classifier
- Classifies FireEye Email Security Alerts as Phishing Alerts incident type. (Available from Cortex XSOAR 6.0.0).
Playbooks
New: Get Email From Email Gateway - FireEye
- This playbook retrieves a specified EML/MSG file directly from FireEye Email Security or Central Management. (Available from Cortex XSOAR 6.0.0).
2.0.3 - 2042391 (December 2, 2021)
Integrations
FireEye Email Security
- Fixed an issue where HTTP status code 206 was considered as an error.
- Improved implementation of the test module command to get alerts from the last day only.
- Updated the Docker image to demisto/python3:3.9.8.24399.
2.0.2 - R2009340 (November 25, 2021)
Playbooks
New: Block Domain - FireEye Email Security
- This playbook blocks domains using FireEye Email Security.
The playbook checks whether the FireEye Email Security integration is enabled, whether the Domain input has been provided and if so, blocks the domain. (Available from Cortex XSOAR 6.0.0).
2.0.1 - 7561139 (September 12, 2021)
Integrations
FireEye Email Security
- Updated the Docker image to: demisto/python3:3.9.7.24076.
2.0.0 - 390296 (June 28, 2021)
Integrations
New: FireEye Email Security
Added the FireEye Email Security integration.
Classifiers
New: FireEye Email Security - Classifier
Classifies FireEye Email Security Alerts.
1.0.0 - 390076 (June 11, 2021)
FireEye Email Security series protects against breaches caused by advanced email attacks.
2.0.39 - 8429843 (April 23, 2026)
2.0.9 - R3990696 (November 7, 2022)
2.0.7 - 2674843 (March 30, 2022)
Integrations
FireEye Email Security
- Added type validations and other internal code improvements.
2.0.6 - 2387690 (February 9, 2022)
Integrations
FireEye Email Security
- Fixed an issue in the fetch incidents process where alerts were not fetched if they were created 48 hours or later than the last alert that was fetched
- Updated the Docker image to: demisto/python3:3.10.1.25933.
- Improved Error handling.
2.0.5 - 2369391 (February 6, 2022)
Integrations
FireEye Email Security
- Fixed an issue where the authorization token was not cached properly.
2.0.4 - R2146019 (December 21, 2021)
Classifiers
New: FireEye Email Security - Phishing Alerts - Classifier
- Classifies FireEye Email Security Alerts as Phishing Alerts incident type. (Available from Cortex XSOAR 6.0.0).
Playbooks
New: Get Email From Email Gateway - FireEye
- This playbook retrieves a specified EML/MSG file directly from FireEye Email Security or Central Management. (Available from Cortex XSOAR 6.0.0).
2.0.3 - 2042391 (December 2, 2021)
Integrations
FireEye Email Security
- Fixed an issue where HTTP status code 206 was considered as an error.
- Improved implementation of the test module command to get alerts from the last day only.
- Updated the Docker image to demisto/python3:3.9.8.24399.
2.0.2 - R2009340 (November 25, 2021)
Playbooks
New: Block Domain - FireEye Email Security
- This playbook blocks domains using FireEye Email Security.
The playbook checks whether the FireEye Email Security integration is enabled, whether the Domain input has been provided and if so, blocks the domain. (Available from Cortex XSOAR 6.0.0).
2.0.1 - 7561139 (September 12, 2021)
Integrations
FireEye Email Security
- Updated the Docker image to: demisto/python3:3.9.7.24076.
2.0.0 - 390296 (June 28, 2021)
Integrations
New: FireEye Email Security
Added the FireEye Email Security integration.
Classifiers
New: FireEye Email Security - Classifier
Classifies FireEye Email Security Alerts.
1.0.0 - 390076 (June 11, 2021)
FireEye Email Security series protects against breaches caused by advanced email attacks.
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | June 11, 2021 | |
| Last Release | April 23, 2026 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
