No matter the industry, no matter the company, one thing is clear—phishing is the number one threat resulting in breaches. You feel it on a daily basis. And it's backed up by the findings of the Verizon Data Breach Investigation Report.

A whopping 91% of breaches start with email. And, by far, Microsoft 365 is the most targeted platform.

It's not good, then, that Microsoft ATP misses 18% of malicious emails—and at least 30% without it. 

Download our Report on what ATP Misses

It is a massive burden on your email security operations team.

One study quantified it. According to a report by the Ponemon Institute, the average 10,000-employee company spends $3.7 million a year just dealing with phishing attacks. About half of that cost is in lost productivity alone. And 27% of the cost was the simply having to respond to a data breach caused by a stolen credential. 

And it's not just the SOC. All employees waste an average of 4.16 hours a year on phishing scams:

That's not any way to run a business.

In general, responding to phishing attacks simply takes up too much time. Consider this sample workflow for dealing with phishing attacks

Gartner-SOAR: Assessing Readiness Through Use-Case Analysis March 2020

If we've lost you, don't worry. This is confusing and most of all, time consuming.

That's where Avanan comes in.

Avanan employs a two-pronged approach to reducing phishing and alleviating your SOC workload:

  • Protect: Reduce suspicious emails hitting end-user inboxes
  • IRaaS: Manage end user responses

It starts with our patented protection, which scans emails after default security, Secure Email Gateways and Microsoft ATP, but before it reaches the user inbox, resulting in a better catch rate. That keeps phishing down to a minimum.

Beyond that, we've introduced Incident Response as a Service (IRaaS). With IRaaS, end-user requests to restore from quarantine or to mark as suspicious are routed to our team of experts. It's reviewed by our analysts within an SLA, usually in about five minutes, but in no more than 30 minutes. Our highly-trained experts, who are available around the clock, will either approve or deny the request. For malicious emails, our analysts will search and destroy similar emails, both current and future ones.

This is all integrated with the "Report Phishing" button in O365 or Gmail. At the end of the day, admins will receive a summary. The whole process looks like this:


Consider this story from one of our customers, a Fortune-500 company, with 10,000 employees.

In May and June of 2020, before signing up with Avanan, employees at this firm made around 2,500 reports of suspicious emails. Of those reports, 2,000 of them were actual phishing messages. 


Within one month of using Avanan, this company saw a 99.2% reduction in phishing emails, and a 75% reduction in end-user reports handled by their SOC.  

In August, after activating the IRaaS product, 100% of the end user requests were handled by Avanan. The SOC went from handling 2,800 email requests to zero. Now, the SOC can focus on other threats. Together with Avanan, their security is better.


Today's phishing scams are overwhelming and relentless. It explains why 60% of SOC employees are considering leaving the job or changing careers altogether because of burnout. And that study was done before COVID-19; it's only gotten worse.

Alleviate the burden and eliminate burnout. Let Avanan's experts augment your security operations, so your team can focus on other threats—all while saving money and boosting productivity. And, for that mater, sanity. 

Watch: Avanan Email Incident Response as a Service