Avanan has always been on the cutting-edge of email security, and one of the ways it backs that up is with its patents.
Avanan has been awarded two patents from the U.S. Patent and Trademark Office. They are:
- Pre-Delivery Prevention of Phishing
- Shadow IT Discovery
These two patents, along with two pending patents and the entirety of Avanan's feature set, help set it apart from the rest of the email security market. In this blog, we'll describe briefly how these patents work and how they can bolster your security.
Pre-Delivery Prevention of Phishing (Inline)
This patent is more commonly referred to as inline email security, and it's at the core of what Avanan does. Among API solutions, only Avanan has the ability to block phishing emails before they reach the end-user. It means that Avanan can perform the tasks typically associated with Secure Email Gateway tools, while also adding supplemental capabilities like internal message scanning, post-delivery forensics and collaboration app security.
Inline email security works like this: Avanan stands between the internet and the inbox. It scans emails after the default layer, but before the inbox, meaning it stops the advanced threats that would have otherwise been missed. Using cutting-edge AI and machine learning, along with human input from end-users and trained researchers, Avanan is specifically trained to catch the evasive attacks that get through default and advanced security layers.
Additionally, preventing bad emails from reaching the inbox eliminates the potential for end-users to mistakenly click on it. According to the Verizon DBIR, the average time it takes for an end-user to click on a phishing link is one minute and 40 seconds. Avanan eliminates that possibility altogether.
API works best when it has the ability to scan and block email inline. Only Avanan can do that.
Shadow IT Discovery
Avanan also has a patent for Shadow IT discovery.
Shadow IT refers to the practice of when employees work with unsanctioned software, hardware or apps on company devices. The idea is that employees may use a different apps or software to complete business-related tasks. But these platforms may not be sufficiently secured and thus may expose company data.
Avanan's patent covers the technology that detects and monitors usage of cloud services based on the analysis of corporate email.
In the past, this protection was delivered via proxy-based Cloud Application Security Brokers, or CASBs. It can be done via an endpoint agent or by analyzing different network-device logs. All of this requires tons of extra configuration and a tough deployment. But it was only partial protection, since it cannot protect SaaS-based email.
Avanan's patented technology is able to uncover unsanctioned services by looking for email-based evidence of SaaS subscriptions or usage. That communication is already delivered to Avanan in the context of providing an extra layer of security. So Avanan clients can receive this information without additional configuration or deployments. This means that the file sharing apps and collaboration tools that compromise Shadow IT platforms can be easily assessed, regulated and monitored.
Report as Phishing (Pending)
Avanan's has a patent pending for a Report as Phishing button
Avanan integrates Microsoft's built-in missed phishing mechanism into its portal. It works like this: When a user detects a missed attack, they can click on the "Report as Phishing" button that's integrated into the email client. SmartPhish captures these reports and imports them into a user reported phishing screen.
From there, administrators can review it and either quarantine it, create a blocklist rule or decline the report.
This harnesses end-users in the fight against phishing, and Avanan's machine-learning platform can integrate these reports to stop future attacks.There is no need to add third-party buttons or vendor-lock to a report-phishing solution. Avanan’s solution is a natural, zero-effort way to report phishing.
Unified Daily Digest (pending)
Avanan has a patent pending for its unified daily digest.
For the first time, the end-user will get a digest that includes all quarantine and actions of every layer involved in scanning the email, not just Avanan.
For example, if a customer uses ATP and Avanan, the digest will show all the actions that both services took.
This easily allows customers to apply as many different layers and solutions for their email security as they’d like, without adding complexity in managing and alerting the end-users. Instead of scouring multiple platforms for information, Avanan provides a one-stop shop for all pertinent information. This is only possible because Avanan sits inline, scanning email after other security services.
Now, whether a customer just uses Avanan, or uses multiple services, end-users can easily and simply understand all the actions taken in determining an email safe or malicious.