Prevent Advanced Threats Hidden in Office 365 Mail and Gmail E-Mails

Lastline Email Defender is an integral defense layer that enhances your existing email security checks. You can deploy it wherever you need to detect advanced malware that tries to evade inspection and to improve your email security:

  • In the cloud, to protect Office 365 mail and Gmail
  • In customer-managed email systems, using either internal or cloud services

Lastline Email Defender works with your existing email system to protect your organization from email-based threats such as ransomware, cryptomining, user identity theft, social engineering, and spear-phishing.

Security of any Email System

Lastline Email Defender gives you the ability to protect your email system, whether it is located in the cloud or managed by the customer.

Preventing Corporate Mail Attacks

Business email compromise (BEC) attacks typically target Office 365 mail and Gmail systems. They start with spear-phishing or fake emails aimed at specific managers in order to commit fraud.

Lastline Email Defender-Cloud for Office 365 Mail and Gmail

Lastline Email Defender-Cloud provides unique threat protection for Office 365 and Gmail accounts. It is an additional layer of defense against threats that can circumvent the limited security controls of those applications.

You can quickly protect your cloud email from advanced malware attacks, phishing, business email compromise (BEC), and account takeover (ATO). Lastline Email Defender-Cloud scans incoming, outgoing and internal emails for threats.

Identification Difficulty

These attacks evade email security checks that rely on content scanning or signature matching. The emails normally contain neither links to fraudulent sites nor malicious attachments that would trigger alerts.

Instead, BEC attackers use publicly available data from social and business media sites to identify colleagues' names, titles, upcoming travel, and reporting relationships. They use this information to create a realistic-looking message from a trusted colleague that initiates a fake transaction, such as a bank transfer.

Lastline E-mail Defender for Customer Managed E-mail Systems

Lastline Email Defender gives you the ability to detect advanced malware that can slip past other technologies. It adds a complementary layer of protection without adding significant cost or complexity to your existing email security checks.

Security checks such as Secure Email Gateways (SEG) are effective at blocking certain threats, such as spam, but cannot combat advanced malware, such as keyloggers and ransomware. Evasion techniques common to advanced malware can even fool "next generation" technologies such as the sandboxes that support gateways.

The Lastline architecture is designed to give you the maximum protection you want while offering flexible deployment and minimum TCO. Lastline Email Defender-Enterprise has 3 components to deploy:

  • Sensors scan traffic for indicators and anomalies that reveal harmful content and behavior. Sensors reside on your network and work on your hardware or virtual machines.
  • Manager analyzes files sent by sensors. The Manager then sends the object to the Detection Engines for analysis if needed.
  • Detection Engine performs analysis of suspicious files using Deep Content Inspection. The Detection Engine sends the analysis results back to the Manager.

You can configure these components to complement your SEG (Secure Email Gateway) and MTA (Mail Transport Agent) components. You can choose from three deployment options, such as passively monitoring or actively blocking malicious content.

Disable Account

Lastline Email Defender provides unmatched threat visibility and accurately detects ransomware, fileless malware, identity theft and other email-based attacks. It allows you to understand the purpose of an attack and respond to a threat faster, before a data breach occurs. Your incident response team can respond precisely to alerts, which eliminates the need to investigate potential false-positive alerts.

Global Threat Intelligence

Lastline Network Defender also enriches the information it collects by adding global context to harmful activity detected locally on your system. This insight shows how activity on your network relates to activity detected across Lastline's global customer base, including any other malware detected by Lastline customers that refers to IOCs on your network.

Industry-Leading Detection

At the heart of Lastline Email Defender, Deep Content Inspection is a unique isolation and inspection environment. Deep Content Inspection fully simulates an operating system and its hardware, which gives it unique visibility into malware: it runs all programs and services and provides full operating system functionality and full visibility into kernel activity. It analyzes all actions, including all CPU instructions, memory locations accessed, devices used, and network connections.

Traditional sandbox technologies have visibility only at the operating system level. They may review content and identify potentially malicious code, but they cannot interact with malware the way Email Defender does. As a result, they have significantly lower detection rates and more false positives.
