Hi all, Is there any app, method or guidance for ingesting emails directly form a O365 mailbox? So a use case for us would be: We have a mailbox which receives Phishing Reports SOAR logs onto the mailbox, downloads the unread mails + turns them into "Events" Playbook begins working on these events - checking URL's, checking to/from addresses, maybe further triage based on o365 logs or whatever Detonate mail/attachments in Sandbox, capture networks/process/file related results, e.g. Cuckoo Playbook decides if mail is okay, suspicious, or phishing (or integrates with another tool to get that information - e.g. Proofpoint All information made available to the analyst who reviews In order to kick these off we'd need to be able to INGEST the email to begin with, but don't see any way to do that at present. If it doesn't exist I will write my own app for it - but don't want to reinvent the wheel if I don't have to 🙂 Thanks!
... View more