Email Soaring to the Cloud Requires Advanced Threat Protection


Posted by Lastline ON JUL 19, 2018

The economics of cloud email are compelling. In an era of limited resources, having your business email communications managed by the supplier is a triple win:

  • Enterprises get the benefits of email with the supplier managing the system
  • Costs are significantly lower than on-premises email
  • End-users love it (higher adoption rate than most other systems)

Yet, protecting cloud email is more challenging than on-premises email because:

  • Criminals need only figure out one vulnerability and they can launch the same attack against everyone using that platform
  • Attacks are easy to test: criminals can simply set up their own Gmail or MS Outlook.com account
  • Once they compromise an email system, any email they send will appear to be an internal email, which typically is not scanned by email security solutions

Evasive malware and phishing schemes easily bypass detection to deliver keyloggers, ransomware and more, resulting in account takeovers and compromised personal or confidential data. And organizations don’t have much time before real damage is done (although time typically is not the criminals’ challenge). According to the Verizon 2018 Data Breach Investigations Report, 87% of compromises took only minutes, while 68% of compromises took companies months to discover.

Email security controls for the cloud must provide protections in three key areas:

  • Advanced threat detection
  • Advanced anti-phishing
  • Account takeover protection

Advanced Threat Detection

One of the key characteristics of advanced malware is the use of many tactics to evade detection. In addition to defeating signature-based detection products and behavior-based detection tools, there are hundreds of evasion techniques that advanced malware uses to avoid detection. Moreover, a malware object will typically deploy multiple tactics. While there are hundreds of specific tactics, they fall into broad categories:

  • Stalling delays
  • Action-required delays
  • Intelligent suspension of malware
  • Fragmentation
  • Return-oriented programming
  • Rootkits

Conventional, virtual sandboxes are no longer up to the challenge. Threat actors create malware that spots virtual sandbox environments and takes evasive actions. Only “bare metal” full system CPU emulation can remain hidden from malware so that its payload is accurately detonated. This approach is highly accurate with vastly fewer false positives.

Advanced Anti-Phishing

Basic anti-phishing functionality examines the headers, subject, and body of each message. It also provides URL filtering using data sources such as URL blacklists. More advanced anti-phishing systems also analyze the links in an email and the content they point to. What’s needed to boost the effectiveness of these methods is machine learning that can block zero fonts and evaluate historical emails to determine the trust relationships between sender and receiver.
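
An added example (not from the original post or Lastline's product) of what a zero-font check looks for: text styled with a font size of zero is invisible to the reader but still present for a filter that matches on the raw text. This is a plain heuristic rather than the machine-learning approach the post mentions; the sample body and all names are constructed.

```python
import re
from html.parser import HTMLParser

# Matches an inline style that sets font-size to zero (0, 0px, 0.0em, ...).
ZERO_FONT = re.compile(r"font-size\s*:\s*0+(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:;|!|$)", re.I)
VOID = {"br", "hr", "img", "input", "link", "meta", "wbr"}  # tags with no end tag

# Constructed sample body, not taken from a real message.
SAMPLE = ('<p>Your Micr<span style="font-size:0">xq</span>osoft '
          'acc<span style="FONT-SIZE: 0px">zz</span>ount password expires today</p>')

class ZeroFontScanner(HTMLParser):
    """Separates the text a reader sees from text hidden by a zero font size."""
    def __init__(self):
        super().__init__()
        self.hidden_stack = []            # one flag per open element
        self.raw, self.visible = [], []

    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        style = dict(attrs).get("style") or ""
        # Simplification: children of a zero-font element are treated as hidden
        # even if they set their own size, which errs towards flagging.
        inherited = bool(self.hidden_stack and self.hidden_stack[-1])
        self.hidden_stack.append(inherited or bool(ZERO_FONT.search(style)))

    def handle_endtag(self, tag):
        if tag not in VOID and self.hidden_stack:
            self.hidden_stack.pop()

    def handle_data(self, data):
        self.raw.append(data)
        if not (self.hidden_stack and self.hidden_stack[-1]):
            self.visible.append(data)

def scan(html):
    """Return raw text, rendered text and the number of zero-font characters."""
    s = ZeroFontScanner()
    s.feed(html)
    s.close()
    raw, visible = "".join(s.raw), "".join(s.visible)
    return {"raw": raw, "visible": visible, "hidden_chars": len(raw) - len(visible)}

if __name__ == "__main__":
    print(scan(SAMPLE))
```

A non-zero `hidden_chars` is the signal; keyword and brand matching should then run on `visible`, the text the recipient actually reads.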

Account Takeover Protection

Even with anti-phishing measures, users may still lose their credentials. Cloud security must analyze login and account activity to detect and block account takeovers. This can be done by correlating login events with past activity based on:

  • Geography
  • Time of day
  • Sending outgoing phishing emails
  • Sending a high volume of emails
  • Emails with a large number of recipients

Of note here is that scanning outbound and internal emails is as important as scanning inbound. One obvious indicator of account takeover is an internal user’s email account sending phishing emails. Without outbound and internal scanning, this is likely to be missed.
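
The correlation described in this section, as an added example (not Lastline's code): it builds a per-user baseline from past events and flags logins from a new country or at an unusual hour, messages with far more recipients than usual, and bursts of sending. The event tuples, thresholds and reason names are assumptions made for illustration; detecting outgoing phishing content is left out.

```python
from collections import Counter, defaultdict

# Constructed events, not real logs: (time, user, kind, country, recipients)
HISTORY = [
    ("2018-07-02T09:05", "alice", "login", "US", 0),
    ("2018-07-02T09:20", "alice", "send", "US", 2),
    ("2018-07-03T10:15", "alice", "login", "US", 0),
    ("2018-07-03T14:40", "alice", "send", "US", 3),
]
NEW = [
    ("2018-07-05T09:10", "alice", "login", "US", 0),
    ("2018-07-05T09:30", "alice", "send", "US", 2),
    ("2018-07-06T03:12", "alice", "login", "RO", 0),
] + [("2018-07-06T03:%02d" % m, "alice", "send", "RO", 40) for m in range(15, 21)]

def build_baseline(events):
    """Summarise each user's past activity: login countries and hours, send habits."""
    base = defaultdict(lambda: {"countries": set(), "hours": set(),
                                "max_rcpt": 0, "sends": Counter()})
    for ts, user, kind, country, rcpt in events:
        b = base[user]
        if kind == "login":
            b["countries"].add(country)
            b["hours"].add(int(ts[11:13]))
        else:
            b["max_rcpt"] = max(b["max_rcpt"], rcpt)
            b["sends"][ts[:13]] += 1          # messages per clock hour
    return base

def detect(events, base, hour_slack=2, rcpt_factor=5, volume_factor=3):
    """Return (time, user, reason) for each event that deviates from the baseline."""
    alerts, sends = [], Counter()
    for ts, user, kind, country, rcpt in events:
        b, hour = base[user], int(ts[11:13])  # a user with no history flags on login
        if kind == "login":
            if country not in b["countries"]:
                alerts.append((ts, user, "new-country"))
            # Distance between hours wraps around midnight (23:00 is 2h from 01:00).
            if all(min(abs(hour - h), 24 - abs(hour - h)) > hour_slack for h in b["hours"]):
                alerts.append((ts, user, "unusual-hour"))
        else:
            sends[user, ts[:13]] += 1
            if rcpt > rcpt_factor * max(b["max_rcpt"], 1):
                alerts.append((ts, user, "many-recipients"))
            # Fires once, on the first message that crosses the hourly threshold.
            if sends[user, ts[:13]] == volume_factor * max(b["sends"].values(), default=1) + 1:
                alerts.append((ts, user, "high-volume"))
    return alerts

if __name__ == "__main__":
    print(detect(NEW, build_baseline(HISTORY)))
```

The `send` events here stand for all mail the account sends, internal and outbound, which is why the scanning point above matters: without that feed the last two signals have no data.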

Conclusion

Cloud email offers many benefits to enterprises of all sizes — including government agencies. Protecting email from advanced threats should be a top priority for all organizations. Basic anti-virus and anti-spam features are not enough to protect an organization, its people, and its data and IP. When considering cloud email security solutions, it’s important to consider the strength of malware detection, advanced anti-phishing functions, and protection from account takeover.

Lastline Email Defender-Cloud™ is one example of a solution that offers the right combination of advanced malware detection with very few false positives, machine-learning-supported anti-phishing algorithms, and outstanding protection from account takeover. Enterprises will gain all the simplicity of cloud email and all the power of Lastline® to defeat threats. Lastline Email Defender-Cloud can be quickly deployed and easily maintained because of the reliable native cloud API architecture that eliminates the need to change MX routing.

Tags:
account takeover, Bert Rankin, Cloud Email, Email Security, Email Security Solutions, Lastline Email Defender-Cloud, Machine Learning

