If you are interested in Proofpoint vs. Mimecast vs. Barracuda vs. ATP, we invite you to spend the next couple of minutes reading through this analysis.
In the first of its kind study where we analyzed over 360 million emails, we have the data to demonstrate which vendors are most effective at keeping malicious emails out of the end user's inboxes. In the past, measuring such results was challenging because with Legacy Email Gateways (LEG), you can't layer email security solutions on top of one another. For example, you can’t deploy Proofpoint, Mimecast, or Barracuda behind ATP. You also can't deploy one LEG behind another. And you certainly can't measure the effectiveness of EOP or ATP behind a LEG because a LEG requires you to disable many, if not all, of the security features within EOP. We’ve covered this ad nauseam here, here and here.
With Avanan and our embedded approach via APIs, we can and do layer behind all of these other technologies. So in the case where there is a LEG like Proofpoint, Mimecast, or Barracuda deployed at the gateway, if Avanan detects a phishing attack, it's a miss for the LEG. Same goes with ATP or EOP.
Looking at the results, while we were surprised at the marginal improvement in catch rate by adding ATP, we are not surprised by the Avanan's clear advantage over Proofpoint, Mimecast, and Barracuda. This is why customers are leaving these vendors in droves to sign up with Avanan. And employees at these companies know it.
Number of phishing emails missed per 100K emails
We need not go far to see examples of attacks that all these other companies missed. Many unfortunately are broad based attacks that SHOULD be stopped.
Here’s one example from Proofpoint missed within 24 hours of this writing. In this case, someone’s Gmail account was hacked and unfortunately used to send an email informing recipients about some “valuable items and funds i will ship to you for safe keep”.
In this case even EOP would have at least flagged this as Junk (SCL score = 5). Unfortunately if you were using Proofpoint, this went straight to the inbox. When we point out such obvious misses to customers, they bring them to the attention of Proofpoint. Proofpoint generally excuses such misses by saying their “URL rewriting capability” would have prevented the click. The problem with this excuse is that there is nothing to click. In fact, 20% of the phishing attacks we block have no links. Paying a fake invoice doesn't involve clicking a link. Neither does running out and getting gift cards.
Actual Proofpoint Miss
Mimecast takes the cake with their recent miss. It's another big one and one that actually would have been blocked by Microsoft had it not been for Mimecast being whitelisted by EOP (their default configuration). You can see the email samples for yourself. This also was a widespread attack and not very sophisticated. Yet Mimecast missed it. The SCL Score -1 means that the email was is Allow Listed in Microsoft. Mimecast, and the other LEGs, require customers to Allow List all emails from the gateway into Microsoft to "ensure messages delivered from us [Mimecast] to Microsoft 365 aren't incorrectly identified as spam, resulting in delayed or failed email delivery". This means if the LEG says it's clean, it goes into the user's inbox and Microsoft's not there to help.
Actual Mimecast Miss
Same email in a different environment blocked by Microsoft EOP
Again, another missed phishing attack from one of the legacy gateway providers. If this email or type of email looks familiar, that's because it's a widespread phishing method and been in play for a long time. In this case it's a high level executive that has an urgent request for a subordinate to run out and get a bunch of gift cards. As old of a method as this may be, Barracuda lets this fly right into the user's inbox.
Actual Barracuda Miss
What Makes Avanan so Effective?
Avanan has developed and patented a radically different approach to email security. The Legacy Email Gateway was designed when email was on prem and MySpace, BlackBerrys and signature-based detection were all the rage. Their approach made sense at the time, but since email moved to the cloud, it requires a new approach and advanced AI/ML technologies. Avanan is an API enabled email security provider that is embedded within cloud email (O365 or Gmail). Being embedded is critical for AI/ML and it's what gives us the far superior catch rate, more capabilities and a five minute deployment. In the end, the Avanan approach makes our customers far more secure and saves them a tremendous amount of time. This is exactly why we continue to have the highest ranking of any other major email security provider in Gartner's Peer Insights.