Trusted Intrusion DetectionTM Technology
This is the core of our email security defense.
You get Trusted Intrusion DetectionTM with eMailGPS Microsoft Outlook Trusted Add-in, runs in-flight predictive analysis and identity scans on emails as they arrive instantly in Outlook to proactively notifies each end-user of “untrusted sources”, ad-hoc geolocation mapping of the email source, allows a single-click, to send the e-mail threat to a corporate help-desk to take action.
Scan’s emails in-flight for known threats as reported by various cyber security centers: Federal Agencies, Non-Profit and internally researched lists. Additionally, this threat list are updated upon each Outlook session instantiation and can be updated frequently by Security Teams and/or End-Users on-demand both with customized changes, and refreshes of cyber security center lists.
- Knows about threats the firewall may miss
- Looks at threats differently than a SPAM filter
- Allows end-users to know there is a threat BEFORE opening the email
- Uses threat databases from government and .org entities globally
- On demand end user updates in a central location for enterprises
- Creates natural awareness for end- users to be vigilant with email threats
Real-time Identity ScanTM (RIS)
Identifies an email’s identity as a trusted IP source based on security policies and this trusted list are updated upon each Outlook session instantiation and can be updated frequently by Security Teams and/or End-Users on-demand both with customized changes, and refreshes.
- Works from a list of trusted sources
- Trusted sources can be cloud provider, enterprise email server farms, internal IP addresses, or other custom lists
- If you receive an email with a spoofed email address, but also has untrusted marker, email may be phishing scam
Ad-hoc email origin mapping for identity verification, email forensics, or asset location.
- It’s a database in the cloud, or onsite
- Regional Internet Registries (RIRs) are nonprofit corporations that maintain IP to location information
- GeoMappingTM knows everything, eMailGPS knows the email structure and information, and passes that to GeoMappingTM
- Can vary in location detail information, but all info is usable for social engineering
- eMailGPS uses Google Maps for GeoMappingTM
- eMailGPS provides information to drill down to source IP location and any direct ports that may be open at email sender’s site
- eMailGPS provides info to Google Earth
- Many Google Earth email lookups have street level view of email’s origin
- GeoMappingTM is the one thing social engineering cant fake
- Even blocking ones IP address is information used in social engineering prevention
Post Threat NotifierTM
Align end-users with enterprise security strategies by providing a “one-click” email forensics reporting that automatically bundles and geolocates the suspect email’s information for internal security teams, help desks or external managed service providers to use for resolution. No email content is sent to support, this is great for external Managed Service Providers (MSP). This allows MSPs to dramatically increase their proactive services profile with new and existing customers and maintain or exceed their Service Level Agreements (SLA) with their customers.
- Aligns end users with security and support teams
- Gives email users a path to go back to what they were doing before worrying about an email’s safety
- Closes the weakest link in the security chain, the end user
- Automatically sends info security and support teams can use, with no technical know-how from end users
- Information sent with one click includes complete email path information, source IP address , link to geolocation map and domain information
- No email content is sent to support, great for external Managed Service Providers (MSP)
- Quick-Step Quarantine ContainmentTM removes the suspected emails from INBOX
- Allows MSPs to dramatically increase their proactive services profile with new and existing customers and maintain or exceed their Service Level Agreements (SLA) with their customers
Email Quarantine ContainmentTM
Outlook Quick-Steps provides the ability for Email Quarantine ContainmentTM removing suspected emails for later review from the INBOX. This is a holding area for suspected emails that may require further analysis by the Security Teams. Once analyzed the Security teams will make the recommendation to destroy the email or safely place the email back into the INBOX.
Emails can be Quarantined in several ways:
- One-Click Notifier sends the suspected email to security teams and is automatically placed into quarantine containment
- Quick-Step is another method that can place suspected emails into quarantine containment
- Both cases remove the suspected emails from INBOX