Trend Micro Email Security integration
You can integrate Trend Micro Email Security with Sophos Central so that it sends data to Sophos for analysis.
This page gives you an overview of the integration.
Trend Micro Email Security product overview
Trend Micro Email Security is a cloud-based solution designed to protect against phishing, ransomware, and business email compromise (BEC) attacks. It employs a multi-layered approach, using advanced threat detection techniques such as machine learning, sandbox analysis, and data loss prevention (DLP) to block email-based threats.
Sophos documents
Integrate Trend Micro Email Security
What we ingest
- "Business Email Compromise (BEC) Detected by Antispam Engine"
- "Phishing Detected by Correlated Intelligence"
- "Phishing Detected by Antispam Engine"
Alerts ingested in full
Email activity is ingested from /api/v1/log/policyeventlog.
Filtering
The only filtering we apply is a check that the data returned is in the correct format.
Sample threat mappings
{"alertType": "Anomaly Suspicious Email", "threatId": "T1566", "threatName": "Phishing"},
{"alertType": "Scan Exception Virtual Analyzer scan exception", "threatId": "T1566", "threatName": "Phishing"}