Intelligent Email Security Analysis and Automated Ticket Creation
This workflow implements real-time monitoring and intelligent analysis of emails in corporate mailboxes, automatically identifying potential phishing email risks. By deeply analyzing the email content and header information, it assesses the security of the emails and automatically creates tickets in the Jira system, including email screenshots and body text, thereby enhancing the response efficiency and processing speed of the security team. This solution effectively alleviates the pressure of manual screening, ensuring quick tracking and management of email security incidents, and is suitable for various organizations that require email security risk identification.

Workflow Name
Intelligent Email Security Analysis and Automated Ticket Creation
Key Features and Highlights
This workflow enables real-time monitoring and intelligent analysis of emails received in corporate mailboxes (Gmail and Microsoft Outlook), automatically identifying potential phishing email risks. Leveraging ChatGPT for in-depth analysis of email content and header information, it assesses the security status of emails and automatically creates corresponding tickets in the Jira system. These tickets include email screenshots and text files of the email body, facilitating rapid response and handling by security teams.
Core Problems Addressed
- Automated identification of phishing and malicious emails, reducing the manual screening workload.
- Provision of email screenshots and text backups so that analysts can review each message visually and analyze it more accurately.
- Rapid tracking and management of email security incidents through an automated ticketing system for efficient response.
Application Scenarios
- Corporate information security departments monitoring internal employee emails for security threats.
- IT support teams automatically collecting suspicious email information for swift incident response.
- Any organizational environment requiring automated email security risk detection and incident management.
Main Process Steps
- Email Triggering and Data Extraction
  - Real-time capture of new Gmail emails via Gmail Trigger.
  - (Optional) Capture Outlook emails via Microsoft Outlook Trigger and retrieve detailed email header information through Microsoft Graph API.
  - Extract variables including email subject, recipients, HTML body, plain text body, and email header information.
- Email Content Conversion and Screenshot Generation
  - Convert the email body into a text file for archival purposes.
  - Use the third-party API hcti.io to render the email’s HTML body into an image screenshot, enhancing the visual presentation of email content.
- AI-driven Email Security Analysis
  - Utilize the ChatGPT model to perform in-depth analysis combining the email’s HTML body and header information, determining whether the email is phishing or malicious.
  - Generate structured JSON output containing the email security verdict and detailed analysis explanation.
- Automated Ticket Creation and Attachment Upload
  - Based on AI analysis results, conditionally create Jira tickets categorized as either “Potentially Malicious” or “Potentially Safe.”
  - Include email subject, recipients, and ChatGPT’s detailed analysis report within the ticket.
  - Upload the email screenshot and text file of the email body as attachments to the ticket, enabling security personnel to quickly review and address the issue.
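The verdict JSON from the AI analysis step decides which ticket category is created, and it is derived from sender-controlled email content, so it is worth validating before routing. The following JavaScript is an added example, not part of the original workflow; the field names `malicious` and `summary` and the function `routeVerdict` are assumptions, since the page does not give the schema, and sending malformed output to “Potentially Malicious” is this example's design choice.

```javascript
// Added example. Field names `malicious` and `summary` are assumptions:
// the page does not specify the JSON schema the model returns.
const MALICIOUS = "Potentially Malicious";
const SAFE = "Potentially Safe";
const FENCE = "`".repeat(3); // Markdown code fence some models wrap JSON in

function stripFence(text) {
  const t = text.trim();
  if (t.startsWith(FENCE) && t.endsWith(FENCE)) {
    return t.slice(FENCE.length, -FENCE.length).replace(/^json\b/i, "").trim();
  }
  return t;
}

// Returns the Jira ticket category and the text to put in the ticket.
// Output that is not exactly the expected shape goes to the malicious
// queue for human review (fail closed).
function routeVerdict(rawModelOutput) {
  const reject = (reason) => ({
    category: MALICIOUS,
    summary: `Model output rejected (${reason}); manual review required.`,
    valid: false,
  });
  if (typeof rawModelOutput !== "string") return reject("not a string");
  let parsed;
  try {
    parsed = JSON.parse(stripFence(rawModelOutput));
  } catch (err) {
    return reject("invalid JSON");
  }
  if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
    return reject("not a JSON object");
  }
  // Require a real boolean: the string "false" must not count as a verdict.
  if (typeof parsed.malicious !== "boolean") return reject("verdict not boolean");
  if (typeof parsed.summary !== "string" || parsed.summary.trim() === "") {
    return reject("missing summary");
  }
  const category = parsed.malicious ? MALICIOUS : SAFE;
  return { category, summary: parsed.summary.trim(), valid: true };
}

// Constructed sample model outputs (not from a real run).
const samples = [
  '{"malicious": true, "summary": "Reply-To domain differs from sender."}',
  FENCE + 'json\n{"malicious": false, "summary": "Internal newsletter."}\n' + FENCE,
  '{"malicious": "false", "summary": "Verdict given as a string."}',
  "This email looks fine.",
];
for (const s of samples) console.log(routeVerdict(s).category);
```

The `valid` flag lets the ticket step distinguish a genuine malicious verdict from a rejected model response.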
Involved Systems and Services
- Gmail: Email triggering and data acquisition.
- Microsoft Outlook (optional, disabled by default): Email triggering and header information retrieval.
- hcti.io: Rendering email HTML body into image screenshots.
- OpenAI ChatGPT: Intelligent threat analysis of email content and headers.
- Jira: Automated ticket creation and attachment upload for security incident management.
Target Users and Value
- Enterprise security teams and IT operations personnel can leverage this workflow to automate email security analysis and response, improving operational efficiency and email threat prevention capabilities.
- Organizations needing to quickly screen large volumes of emails and automatically flag potential risks.
- Teams aiming to seamlessly integrate email security incidents into project management tools like Jira for unified tracking and handling.
By integrating data from multiple systems and combining AI-powered analysis with automated ticketing, this solution provides enterprises with an efficient and intelligent email security management system.