Integration Use Cases
Get Threat Details
Returns the details of the threat matching `{threatId}` from the token-linked Email Security provider. If a provider allows for the gathering of more detailed information about a threat, the response will include the additional information. Otherwise, the response will only include the basic information about the threat returned by the query_threats endpoint.
Query Email Events
Returns a list of email events matching the query from the token-linked Email Security provider. Defaults to the last 30 days of email events. This can be overridden by using the `time` filter. Note that some providers may have a maximum time range limit.
Query Threats
Returns a list of threats matching the query from the token-linked Email Security provider. Defaults to the last 30 days of threats. This can be overridden by using the `time` filter. Note that some providers may have a maximum time range limit. A threat is an automated detection that was deemed to be a threat by the Email Security provider.