Secure email against targeted phishing attacks.
Blue Coat Mail Threat Defense protects against email-borne malware in links and attachments that are activated by unsuspecting end users. Deployed inline as a cloud-based service or a premise-based appliance, the solution extracts malicious content prior to delivery and without disrupting the existing message flow, while enforcing enterprise security policies. It integrates seamlessly with the Blue Coat Advanced Threat Detection ecosystem and supplements existing email security tools.
Protect Office 365 Mail Embeds, Attachments
Mail Threat Defense protects against targeted attacks and phishing for enterprises migrating to Office 365. By deeply scanning embedded URLs and file attachments in email messages prior to delivery at the cloud mail server, then taking policy-based actions to sanitize the messages based on the risk scores received, enterprises vastly reduce the opportunity for end users to inadvertently introduce a devastating malware breach into the organization launched from an errant click.
Expose More Email Threats
Mail Threat Defense blocks all known email-based threats and automatically delivers never-before-seen, unique, and zero-day malware for sandbox detonation, comprehensive analysis, and targeted risk scoring to block unknown threats. It scans embedded file attachments and URL links for malware, then takes actions based on corporate security policy.
Positioned inline after the SPAM filter, Mail Threat Defense integrates with other email security solutions, preserving and enhancing the value of prior electronic mail security investments.
Pre-Filters and Rejects the Knowns
Mail Threat Defense applies a variety of sophisticated techniques to quickly pre-filter and reject both known good and known bad files and URLs:
- URL Filtering
- File Hash Reputation
- Anti-Virus Detection
- Static Code Analysis
Safe messages proceed to end users.
Analyzes the Unknowns
Unknown files and URLs are extracted and sent to the Blue Coat Malware Analysis Appliance, an advanced multi-stage sandbox, for identification and risk scoring in precisely tailored gold-image detonation chambers. It performs recursive analysis on the primary file or URL plus any subsequent “dropped” files and callback URLs:
- Static Code Analysis
- Dynamic / Behavioral Analysis
- Reputational Analysis
- YARA Rules Analysis
Configurable Security Policies
Security policies allow enterprises to balance message delivery speed, user preference, and business security needs. Based on risk scores, policies can:
- Remove malicious attachments
- Remove/replace malicious links
- Add malicious content warnings
- Quarantine malicious messages
- Email End User (Employee): Fast, accurate receipt of legitimate business (and some personal) messages with all links and attachments intact
- Message Infrastructure Engineer: Rapid delivery of safe messages scanned for malicious links and attachments
- Mail Security Analyst: Minimization of the email attack vector in circumventing enterprise defenses
- Security Auditor: Easy access and retention to logging of all events
- Desktop Support Engineer: Reduced trouble tickets; reduced downtime for desktop and remote users
- Executive (CISO, CTO, IS Director): Comprehensive multi-vector threat protection; fortification against the end-user weakest link in the security chain. Proof of ROI.