Fortra Phishlabs Security
As part of the Email Incident Response service, PhishLabs provides Suspicious Email Analysis, which provides 24/7 expert triage and analysis of threats reported by users. Included with the Suspicious Email Analysis service, the Incident Data API provides the results of the email classification and supporting metadata in a structured format. All incidents, regardless of classification, will be available via API, and available data may include parsed email body, email classification, URLs, and other attributes when available.

## Prerequisites

A PhishLabs account username and password for the PhishLabs API.

## Configurations

### HTTP Basic Authentication

Authenticates using username and password.

#### Configuration Parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | required |
| username | Username | string | required |
| password | Password | string | required |
| verify ssl | Verify SSL certificate | boolean | optional |
| http proxy | A proxy to route requests through | string | optional |

## Actions

### Get Incident

Returns a single incident based on the given ID.

Endpoint URL: `/idapi/v1/incidents/{{service}}/{{id}}`

Method: GET

#### Input Argument Name

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| service | string | optional | Parameter for Get Incident |
| id | string | optional | Unique identifier |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| metadata | object | Response data |
| count | number | Count value |
| incidents | array | Unique identifier |
| id | string | Unique identifier |
| title | string | Output field title |
| description | string | Output field description |
| status | string | Status value |
| created | string | Output field created |
| modified | string | Output field modified |
| closed | string | Output field closed |
| duration | number | Output field duration |
| service | string | Output field service |
| details | object | Output field details |
| casetype | string | Type of the resource |
| classification | string | Output field classification |
| subclassification | string | Output field subclassification |
| severity | string | Output field severity |
| emailreportedby | string | Output field emailreportedby |
| emailreceiveddate | string | Date value |
| emailbody | string | Request body data |
| messageid | string | Unique identifier |
| submissionmethod | string | HTTP method to use |
| sender | string | Output field sender |
| furtherreviewreason | string | Response reason phrase |
| offlineuponreview | boolean | Output field offlineuponreview |

#### Example

```json
[
  {
    "metadata": {
      "count": 1
    },
    "incidents": [
      {}
    ]
  }
]
```

### Get Incidents

Returns a set of incidents filtered by the given query parameters.

Endpoint URL: `/idapi/v1/incidents/{{service}}`

Method: GET

#### Input Argument Name

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| service | string | required | The service to query (EIR) |
| status | string | optional | Status value |
| created after | string | optional | Parameter for Get Incidents |
| created before | string | optional | Parameter for Get Incidents |
| closed after | string | optional | Parameter for Get Incidents |
| closed before | string | optional | Parameter for Get Incidents |
| limit | number | optional | Parameter for Get Incidents |
| offset | number | optional | Parameter for Get Incidents |
| sort | string | optional | Parameter for Get Incidents |
| message id | string | optional | Unique identifier |

#### Output

| Parameter | Type | Description |
| --- | --- | --- |
| metadata | object | Response data |
| count | number | Count value |
| incidents | array | Unique identifier |
| id | string | Unique identifier |
| service | string | Output field service |
| title | string | Output field title |
| description | string | Output field description |
| status | string | Status value |
| details | object | Output field details |
| casetype | string | Type of the resource |
| classification | string | Output field classification |
| subclassification | string | Output field subclassification |
| severity | object | Output field severity |
| emailreportedby | string | Output field emailreportedby |
| emailreceiveddate | string | Date value |
| submissionmethod | string | HTTP method to use |
| sender | string | Output field sender |
| emailbody | string | Request body data |
| messageid | string | Unique identifier |
| urls | array | URL endpoint for the request |
| url | string | URL endpoint for the request |
| malicious | boolean | Output field malicious |
| maliciousdomain | boolean | Output field maliciousdomain |
| attachments | array | Output field attachments |
| file name | string | Name of the resource |

#### Example

```json
[
  {
    "json body": {
      "metadata": {},
      "incidents": []
    }
  }
]
```
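The Get Incidents call and a triage pass over its output, as an added example that is not part of the original page or of the connector's own code. It builds the Basic-authenticated request for `/idapi/v1/incidents/{service}` and pulls the URLs flagged `malicious` or `maliciousdomain` out of a response. Assumptions: `urls` is nested under `details`, and the sample response, its incident ids, hostnames and classification strings are constructed for illustration.

```python
import json
import ssl
import urllib.parse
import urllib.request
from base64 import b64encode

def build_incidents_request(base_url, username, password, service="EIR", **filters):
    """Build (without sending) the GET request for /idapi/v1/incidents/{service}."""
    url = base_url.rstrip("/") + "/idapi/v1/incidents/" + urllib.parse.quote(service, safe="")
    query = urllib.parse.urlencode({k: v for k, v in filters.items() if v is not None})
    if query:
        url += "?" + query
    # Basic auth is only base64-encoded, so refuse to send it over plain HTTP.
    if not url.lower().startswith("https://"):
        raise ValueError("refusing to send Basic credentials over a non-HTTPS URL")
    token = b64encode(f"{username}:{password}".encode()).decode()
    headers = {"Authorization": "Basic " + token, "Accept": "application/json"}
    return urllib.request.Request(url, headers=headers, method="GET")

def fetch(request, timeout=30):
    """Send the request with certificate verification on (the 'verify ssl' setting)."""
    context = ssl.create_default_context()
    with urllib.request.urlopen(request, timeout=timeout, context=context) as resp:
        return json.load(resp)

def _lower_keys(obj):
    # Match field names case-insensitively; the page lists them in lowercase.
    return {str(k).lower(): v for k, v in (obj or {}).items()}

def malicious_urls(payload):
    """Return (incident id, classification, url) for every URL flagged malicious."""
    hits = []
    for raw in _lower_keys(payload).get("incidents") or []:
        incident = _lower_keys(raw)
        details = _lower_keys(incident.get("details"))
        for raw_url in details.get("urls") or []:  # assumed nesting: details.urls
            entry = _lower_keys(raw_url)
            if entry.get("malicious") or entry.get("maliciousdomain"):
                hits.append((incident.get("id"), details.get("classification"), entry.get("url")))
    return hits

# Constructed sample response (not real PhishLabs data).
SAMPLE = json.loads("""{"metadata": {"count": 2}, "incidents": [
  {"id": "inc-0001", "details": {"classification": "Malicious", "urls": [
     {"url": "https://login.example.test/reset", "malicious": true, "maliciousDomain": true},
     {"url": "https://cdn.example.org/logo.png", "malicious": false, "maliciousDomain": false}]}},
  {"id": "inc-0002", "details": {"classification": "No Threat Detected", "urls": []}}]}""")
```

`fetch` is the only function that touches the network; the other two can be exercised offline against `SAMPLE`.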