XDR - Contain Incident: Quarantine Email Messages
Details
This workflow consumes one or more email message IDs and attempts to quarantine the matching messages in every supported product. Currently supported products are Cisco Secure Email Threat Defense (via the XDR response API) and Microsoft Defender for Office 365 (Commercial or GCC).
Targets: Automation APIs, Platform APIs, Conure APIs, Microsoft Defender for Office 365 (Commercial or GCC)
Steps:
- Check how the workflow was started (if not a playbook task, end the workflow)
- Get a list of XDR automation targets and extract the supported integrations
- Check if there are supported integrations available (if not, end the workflow)
- For each email message ID:
  - For each integration:
    - Attempt to quarantine the message in the given integration
  - Check if the message was quarantined in at least one product (if not, update the workflow results)
  - For each integration:
Integration
Authorship: Cisco Managed