Lastline® Email Defender™ is a complementary layer of defense to enhance your email security controls. You can deploy it anywhere you want to improve your email security against advanced threats engineered to evade detection:
Lastline Email Defender works with your existing email system to protect your organization from email-based threats like ransomware, crypto-mining, credential stealing, social engineering, and spear-phishing.
Lastline Email Defender gives you the ability to protect your email system, regardless of whether it is in the cloud or customer-managed.
Lastline Email Defender-Cloud provides unmatched threat protection for Office 365 mail and Gmail. It is an additional layer of defense against threats that bypass those applications’ limited security controls.
You can quickly secure your cloud email against advanced malware attacks, phishing, business email compromise (BEC), and account takeovers (ATO). Lastline Email Defender-Cloud scans inbound, outbound, and internal emails looking for threats.
Lastline Email Defender gives you the ability to augment your existing email security controls with a complementary layer of protection that detects the advanced malware other technologies miss, without adding significant cost or complexity.
Security controls such as Secure Email Gateways (SEGs) are effective for blocking some threats like spam but cannot combat advanced malware like keyloggers and ransomware. The evasion techniques that are commonplace in advanced malware easily fool even “next-generation” technologies like sandboxes that supplement SEGs.
We designed the Lastline architecture to give you the maximum protection you want while offering the deployment flexibility and low TCO you need. Lastline Email Defender-Enterprise has three components to deploy:
You can configure these components to complement your SEG and MTA (Mail Transport Agent) systems. You can choose between three deployment options to passively monitor or actively block malicious content.
Deploy Lastline Email Defender in different modes, on-prem or in the cloud, to meet your requirements.
Lastline Email Defender delivers unmatched threat visibility and accurately detects ransomware, fileless malware, credential stealers, and other mail-based attacks. It enables you to understand the objective of the attack, as well as respond faster to the threat before a data breach occurs. Your IR team can respond to alerts with certainty, eliminating the need to investigate generic alerts for potential false positives.
At the heart of Lastline Email Defender is Deep Content Inspection™, a unique isolation and inspection environment. Deep Content Inspection imitates a complete operating system and hardware environment, delivering unmatched visibility into the malware, all programs and services it invokes, all operating system functions, and all kernel activity. It analyzes every action, including all CPU instructions, memory locations accessed, devices used, and network connections.
Traditional sandboxes only have visibility down to the operating system level. They can inspect content and identify potentially malicious code, but they can’t interact with the malware like Email Defender can. As a result, they have significantly lower detection rates and higher false positives.
Lastline Breach Defender™ also augments the data it collects by incorporating global context for malicious activity detected locally on your systems. This insight enables you to understand how activity on your network relates to activity detected across Lastline’s global customer base, including all other malware detected by Lastline customers that reference IOCs discovered in your network.
Business Email Compromise (BEC) attacks often target cloud email systems like Office 365 mail and Gmail. They start with a spear-phishing attack or spoofed emails targeted at specific executives in order to commit fraud.
These attacks evade detection by email security controls that rely on content scanning or signature-matching. The emails contain neither links to fraudulent sites nor malicious attachments, either of which would normally trigger alerts.
Instead, BEC attackers use publicly available data from social and business media sites to identify reporting relationships as well as names and titles of coworkers, upcoming travel, and so forth. They’ll use this knowledge to create a realistic-looking message from a trusted coworker to initiate a fraudulent transaction, such as a wire transfer.