Why is anti-phishing for the cloud so hard to get right?
Enterprise cloud adoption has led to a dramatic increase in successful phishing attacks. This is because, in cloud environments, hackers only need one employee’s credentials in order to gain access to the entire corporate environment.
Cloud email providers such as Microsoft’s Office 365 and Google’s G Suite are constantly trying improve their default security offerings to combat these attacks. Unfortunately, hackers also have access to these services and reverse engineer methods to bypass the restrictions.
The anti-phishing solution specifically for cloud email.
Avanan implements the traditional email security layers of SPF, DKIM and DMARC checks, as well as URL filtering by leveraging three major data sources for URL blacklists. But these methods are generally already implemented by the default security and only catch about 15% of phishing attacks at the time the email is received. Most phishing attacks that bypass the default security are true zero-day and come from legitimate senders.
In order to catch the more advanced attacks, Avanan developed a unique machine learning algorithm that analyzes 300 indicators in each email by looking at each email component: headers, subject and body, links and the content those point to, etc. The API-based integration also allows Avanan to analyze all historical emails to determine the prior trust relations between the sender and receiver.
By combining traditional analysis capabilities from multiple best-of-breed vendors with a proprietary machine learning algorithm that looks at all aspects of the email, Avanan is built to specifically to catch the things Office 365 and Gmail miss.
START A FREE TRIAL
READ THE WHITE PAPER
Phishing in the Age of SaaS
FROM THE BLOG
Mailsploit allows hackers to spoof an email in a way that is undetectable by email clients’ default security checks as well as the human eye.
OUR SECURITY PARTNERS