Skip to main content

Retarus Secure Email Gateway

The Retarus Secure Email Platform provides comprehensive security and advanced email routing. It offers features such as Advanced Threat Protection and Email Archiving.

Retarus Secure Email Gateway

Retarus Secure Email Gateway is a fully managed cloud service that provides comprehensive, multi-layered security for organizations.

It filters all inbound and outbound traffic to defend against threats like malware, ransomware, and phishing using advanced sandboxing technology.

This pack includes

Data normalization capabilities:

  • Data modeling rules normalize Retarus Secure Email Gateway logs that are ingested via the integration to Cortex XSIAM.
  • Ingested logs can be queried in XQL Search using the retarus_secure_email_gateway_raw dataset.

Supported log categories

Category Category Display Name
AntiVirus MultiScan Inbound MultiScan
AntiVirus MultiScan Outbound MultiScan
Message Transfer Agent Inbound MTA
Message Transfer Agent Outbound MTA
CxO Fraud Detection CxO
Patient Zero Detection PZD
Sandboxing Sandboxing

Data Collection

Retarus Secure Email Gateway side

A token ID is provided by Retarus for the SIEM integration.

Note:
Due to a Retarus API limitation, only one instance can be configured for each token and channel.

Two instances with the same token and different channels are allowed.

Two instances with the same token and same channel may result in errors and/or missing events.

For more information click here.

Cortex XSIAM side

  1. Go to Marketplace and install Retarus Secure Email Gateway.
  2. Navigate to Settings -> Data Collection -> Automation & Feed Integrations -> Add instance.
  3. Add the collector name.
  4. Add the Server URL. Default value is events.retarus.com.
  5. Add the token ID.

PUBLISHER

PLATFORMS

Cortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedJanuary 29, 2025
Last ReleaseJuly 6, 2025
Phishing
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise.