Implementing Mimecast Targeted Attack Protection

Overview

Mimecast Targeted Threat Protection (TTP) is a suite of advanced email security services designed to protect against sophisticated phishing, spearphishing, and targeted attacks. TTP consists of four core modules: URL Protect (real-time URL rewriting and click-time analysis), Attachment Protect (sandbox detonation of suspicious attachments), Impersonation Protect (BEC and whaling detection), and Internal Email Protect (scanning internal/outbound email for threats). As of November 2025, Mimecast enabled URL Pre-Delivery Action with Hold setting for all customers by default.

When to Use

• When deploying or configuring implementing mimecast targeted attack protection capabilities in your environment
• When establishing security controls aligned to compliance requirements
• When building or improving security architecture for this domain
• When conducting security assessments that require this implementation

Prerequisites

• Mimecast Email Security license with TTP add-on
• Administrative access to Mimecast Administration Console
• Microsoft 365 or Google Workspace environment
• MX records configured to route through Mimecast
• Understanding of email authentication (SPF, DKIM, DMARC)