There are dozens of API-based email security vendors on the market. It’s a competitive market, and we’re always confident that our solution will win out. We know for a fact that our solution continues to be our competitors, especially with the large enterprise.  And that’s making the API start-ups a bit desperate.

Our competitors generally say a few things about us that are untrue. One, that we only run inline, and two, that if there’s an outage of services, then email delivery is stopped.

Both are untrue. While inline is our most popular and preferred method of deployment, it is not our only one. Second, if in a rare case there is a problem that happens to impact deliverability, email delivery is not stopped. Any customer in inline mode will revert to detect and remediate mode.  What’s detect and remediate mode?  It’s the mode that removes emails from the inbox post delivery.  This happens to be the ONLY option offered by all other API vendors offer. 

This blog will go into more detail about our modes of operation, as well as dispel some myths that are going around the market. 

Avanan has three modes of operation. We talk about our inline, prevent mode the most, as it's our patent and our most popular mode of operation. Over 90% of our customers choose inline prevention.

But there are other modes to choose from. 

The first mode is Monitor. 



In this mode, we're just monitoring mail flow, quantifying the phishing problem, and gaining visibility into threats. Some organizations use this to feed events to their in-house SOAR and SIEM for analysis. 

Our second mode is Detect and Remediate.

This is the only mode that our API competitors offer. In short, detect and remediate removes the email from the inbox only after it has been delivered. Though this isn't our preferred method, we do have some customers who choose it, and who prefer not to change mail flow. However, Avanan still can operate in this way, removing the offending email after it reaches the inbox. 

Finally, we offer prevention, or our inline mode. 

This is our patented solution that most customers choose. It scans the email after default security but before the inbox, ensuring that only clean email is delivered. It's this methodology that is unique to us and brings the most complete phishing protection on the market.

In the small chance that there is an incident impacting deliverability, we fail open. What does this mean? Anyone in inline mode will be moved to detect and remediate mode. So there will be no email deliverability issues. When this happens--which is very rare--emails will be scanned after the inbox, just like every other API solution does today. And we offer world-class, 24/7/365 customer service. Make sure to ask the other API solutions how their customer service works. 

In summary, we give you options to deploy the security that works best for your organization. And if you, like most customers, choose inline mode, there's a fail-open mechanism. If there is an outage, email is not blocked, but rather emails are delivered as normal and are instead scanned after the fact. 

When dealing with our competitors, we like to rely back on our technology. We don’t have to share untruths or misnomers. We just tell you what we offer and how we make you safer–nothing more, nothing less.