Our Email Security solution employs adaptive AI to learn typical communication patterns and relationships among mailbox users, establishing a behavioral baseline and social graph unique to each environment. This allows for the detection of subtle and sophisticated threats that can bypass traditional email filters.
With a baseline and social graph established, our AI continuously assesses sender reputation, message content, and user behavior in real time to identify advanced threats — including zero-day attacks and emerging spam techniques. Ultimately, threats flagged by the AI or reported by users are automatically grouped, categorized, and managed by our machine learning engine. This fully automated remediation process greatly reduces the time and effort required for threat mitigation.
Features
- Adaptive AI Protection: Continuous learning from user and admin actions and behavior to improve the categorization of emails.
- DMARC/DKIM/SPF Monitoring: Monitors and validates email authentication protocols (DMARC, DKIM, SPF) for all protected domains.
- Domain spoofing protection: Checks for and quarantines emails coming from fake email addresses that appear to be legitimate, such as faceb00k.
- Dynamic email alert banners: Provides contextual banners to give users insights and warn them about suspicious emails directly from their mailbox.
- End-user phishing reporting: Allows end users to report phishing emails, enhancing organization-wide threat intelligence.
- Email quarantine: Automatically removes malicious, spam, and fraudulent emails from users' mailboxes. Quarantine digest emails are sent to users, allowing them to request the release of an email from quarantine.
- Malicious URL and file scanning: Scans and analyzes emails for malicious links and attachments. Emails containing either are automatically quarantined.
- Scan back: A one-time retrospective scan for Microsoft 365 that checks for previously missed threats from the last 90 days before implementing Email Security.
- Silent mode: A detection-only mode designed for trials and onboarding. Gives admins a way to see the types of emails that would be quarantined by Email Security before switching to Active mode.
Follow these steps to get started:
- Set up the integration with your email provider:
- Set up a centralized Report Phishing mailbox for end-users to easily report phishing emails to. If your email provider is Microsoft O365, you can also configure a Report Phishing button so your users don't need to remember the forwarding email address. See Set up Report Phishing Mailbox.
- Add email addresses to the Notifications section to receive notifications when an admin needs to review an email incident. See Set up Email Security notifications.
Return to Email Security guide.