SBN

Zero-trust inbox security with Valimail Defend

We live in a new era of increasing, relentless and rapidly changing fraudulent phishing attacks. While existing technologies try to keep pace, it’s common to find threat actors always one step ahead. They are attacking organizations with a tried and true con that has worked since the beginning of cons themselves: Using a fake identity to gain access to people and places they otherwise wouldn’t be allowed to reach.

These impersonation tactics are the predominant way to successfully phish an organization, as they account for almost 90% of all BEC attacks. Existing inbox defenses — which are geared towards stopping malware they’ve detected and classified at least once before — are failing to stop impersonation attacks because they are increasingly new to network and malware-less. According to Google, over 68% of phishing emails have never been seen before.

DevOps Connect:DevSecOps @ RSAC 2022

Given the new rules of engagement, there’s a need to stop zero day phishing impersonations. One that doesn’t rely on malware detection and pattern matching, or adding emails to blacklists.

Zero-trust for your inbox

That’s where Valimail Defend comes into the picture. Valimail Defend protects employees by identifying and authenticating who is allowed to send an email into your organization. In this case, who refers to the sending domain of the inbound email. To perform this differentiated security at-scale, Valimail has built the largest database of authenticated sending domains in the world.

We aggregate thousands of industry domain directories, such as the Better Business Bureau, American Bar Association, the Nasdaq etc., and map these legitimate businesses to verified domains. To date, Valimail has verified and authenticated over 30 million domains and is adding more each day.

By validating the identity of the domain, we developed a unique approach that applies zero trust to domains — especially newly registered ones with the intent on phishing your organization.

Delivering results out of the box

After a one-click connection to Office 365 or G Suite, Defend provides coverage right out of the box to organizations that need protection fast. Recent highlights of Defend’s protection capabilities:

  • 250K unique sending domains detected per day
  • 99% recognition rate by domain volume
  • 99.92% recognition rate by message volume (conversely, 0.08% of messages originate from unknown domains)

As the results indicate, organizations benefit from comprehensive coverage as Defend saves valuable time by automatically block or flagging messages from untrusted senders. For the small volume of messages originating from unknown senders (domains not already in Valimail’s database), Defend remediates them rapidly, classifying these domains as trusted or untrusted without any intervention needed from the the customer.

Latest innovations

Organizations look to Defend to help secure their employees inboxes and provide policy configurations that give administrators control over inbound threats.

The latest features added to this cutting-edge product advance Defend’s protection capabilities even further:

Rapid threat intelligence

Defend quickly delivers protection insights for your organization, including the volume of inbound threats from untrusted domains and contacts. If an emailing domain is not in our repository of whitelisted domains or your organization’s trusted contacts, any traffic coming from the domain will be marked as untrusted.

Policy controls at your fingertips

Defend gives you access to a wide variety of policy controls and configurations on how to treat untrusted email traffic. Administrators can assign default policies for the organization and then apply specific policies to specific groups and individuals that have a high risk profile.

Protect your most-attacked people

We make it easy to get visibility into threats targeting at-risk employees, such as executives, finance or payroll departments. Defend gives administrators the ability to assign groups of employees or individual mailboxes to watchlists, for easier access to protection insights and policies to keep them safe.

Visibility into potentially threatening messages

Defend provides visibility into messages that are targeting your organization, including who it came from, who was targeted and when it was sent. Administrators are able to drill down to a specific message, copy the Message ID and link directly to the Office 365 or G Suite admin portal for further investigations into the subject line, sender and email body, links and attachments.

To learn more about Defend, request a free phishing analysis to find out exactly what untrusted senders are getting into your employees’ inboxes.

The post Zero-trust inbox security with Valimail Defend appeared first on Valimail.

*** This is a Security Bloggers Network syndicated blog from Valimail authored by Roman Tobe. Read the original post at: https://www.valimail.com/blog/zero-trust-inbox-security-defend/