This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Central Email API?

Is there anything on the roadmap for this? We use a 3rd party Security Awareness product that includes a Phish Testing feature (*). This requires a large number of exceptions, and adding and checking them across a large number of tenants is tedious so an API would be awesome.

I can use the endpoint API to add the URL exceptions, but for email I need to add the URLs again (not malicious and don't rewrite), the source IP's (don't check RBL), and the source domains (don't allow user to whitelist)

Thanks

James

(*) yes I'm aware Sophos has a Phish Testing feature too

Added tags
[edited by: Raphael Alganes at 1:21 AM (GMT -7) on 5 Jun 2023]

Top Replies

Tom Foucha over 2 years ago in reply to josepalad +4 verified

The first public Email API being released in the next week will allow you to download and consume into a SIEM Message History data from the Threat Analysis Center > Live Discover. We are working on other…

Parents

0 josepalad over 2 years ago

Hi jamesharper

Good day! I don't see any Central Email API in the roadmap currently. I would recommend contacting your Sophos partner or sales representative directly if you want to request for this feature to be added as per this link: https://community.sophos.com/b/community-blog/posts/sophos-ideas-portal-retirement

Regards,

Jose
Cancel
Vote Up 0 Vote Down

Cancel
+1 Tom Foucha over 2 years ago in reply to josepalad

The first public Email API being released in the next week will allow you to download and consume into a SIEM Message History data from the Threat Analysis Center > Live Discover. We are working on other API's that will allow you to add/remove items from various lists like Allow/Block as well as Quarantine Release/Delete. Phish Threat also has a list of API's being developed and I will see what is included in those and let you all know.
Cancel
Vote Up +4 Vote Down

Cancel
0 jamesharper over 2 years ago in reply to Tom Foucha

Thanks for the update. Looking forward to it :)
Cancel
Vote Up 0 Vote Down

Cancel
0 Phil Wood over 1 year ago in reply to Tom Foucha

Hi Tom,

Any more news on this API?

Thanks
Cancel
Vote Up 0 Vote Down

Cancel
0 Tom Foucha over 1 year ago in reply to Phil Wood

It is availabe, Message History API

Tom
Cancel
Vote Up 0 Vote Down

Cancel
0 Phil Wood over 1 year ago in reply to Tom Foucha

Hi Tom, from what I can tell this doesn't give the ability to control items that are waiting in quarantine? Just post-quarantine information from the XDR data lake? I guess I misunderstood your reference to 'Quarantine Release/Delete' in your earlier response.
Cancel
Vote Up 0 Vote Down

Cancel
0 Tom Foucha over 1 year ago in reply to Phil Wood

That will be delivered in early 2023. It is under development. First api was message history and then comes quarantine.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Tom Foucha over 1 year ago in reply to Phil Wood

That will be delivered in early 2023. It is under development. First api was message history and then comes quarantine.
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Phil Wood over 1 year ago in reply to Tom Foucha

Thanks Tom - that's good news. I'll keep my eye out!
Cancel
Vote Up 0 Vote Down

Cancel