Whatever security solution is used to block phishing e-mails, malicious e-mails are still bypassing the security defenses. CloudCyte E-mail Security enables the automated detection, notification, and deleting of risky e-mails bypassing the existing security controls. Without relying on the user to report the message, every e-mail is scanned when the end-user opens an e-mail. Through CloudCyte machine-learning technology, a risk-level is determined for the e-mail. Based on the risk level, the e-mail is reported to the security teams or deleted without interrupting the end-user experience.
The solution functions through an add-in deployed in Microsoft Outlook. Full support for agentless and agent-based deployments is provided. Additional Gmail support is available. The deployed add-in performs the following analysis and many more within the user inbox for the detection of risks through its in-house developed machine learning technology:
- Categorization of all the links in the e-mail body and attachments.
- Automatic identification of links from firstly seen, recently-up, newly-registered, parked, or malicious domains for a new level of threat discovery.
- Existence of macros in Office documents.
- Embedded javascript code in PDF files.
- Reputation analysis through shared intelligence network and external phishing feeds.
- DCIM/DMARC controls.
- Sandbox-based behavior analysis for attached documents.
- E-mail origin analysis.
- Suspicious word, character and TLD analysis.
Once the analysis is done, the add-in can notify the end-user before a link is clicked or an attached file is opened. In addition to informing the end-user, the add-in automatically notifies the security teams without relying on the end-user to report it.
CloudCyte E-mail Security also integrates with Microsoft Security Center by automatically forwarding critical events as alerts.
To learn more please click here.
To watch the platform in action please click here.