Integrated Cloud Email Security (ICES) Solutions are a cloud-based email security services designed to work natively with cloud email platforms such as Microsoft 365 and Google Workspace. These tools are designed to provide enhanced protection for sophisticated email threats such as phishing, malicious URLs and attachments, account compromise, and harmful email messages.
ICES solutions work alongside the native email protection offered by cloud-based email platforms. Unlike traditional secure email gateways, they are deployed directly into the email inbox environment, meaning they can scan internal email messages and remediate malicious email messages even after they have been delivered to users. This means that you can ensure that your accounts are not being used to distribute malicious content, as well as protecting them from it. They are typically deployed either by API, or by using mail flow rules. This is unlike traditional SEGs which require changes to MX-records.
Key features of an ICES solution include warning banners, contextual message scanning using machine learning algorithms, automated remediation of phishing and scams, real-time content and URL malware scanning, and identification of compromised accounts based on mailbox and user activity. These services can be used alongside the traditional SEG as an extra layer of protection, but are increasingly replacing the SEG altogether, particularly for cloud-native businesses.
IRONSCALES combines human intelligence with machine learning to block phishing attempts from the inbox. The service offers strong protection against malware and malicious URLs, business email compromise, credential theft, and phishing, with internal email scanning, automated remediation, and warning banners. The service utilizes human intelligence by allowing users to report phishing attacks directly within their email inbox and sharing these findings. IRONSCALES can also protect Teams and Microsoft Exchange.
Threat intelligence is shared across their email network, and according to admin policies. Once suspicious emails are reported, they are automatically quarantined, removing the threat from the user. As IRONSCALES works automatically, this is a great service to take the pressure off IT departments and increase your overall security efficacy. It is installed easily via API connection and works immediately to protect your business.
IRONSCALES is popular with clients for its high-quality customer support and innovative solutions. We’d recommend IRONSCALES to customers who need advanced threat protection for cloud-based email channels.
Abnormal is a cloud-native email security solution that uses behavioral AI to provide protection against advanced email threats such as social engineering, malware, and account compromise. The platform combines inbound email security and account takeover protection to ensure that user inboxes are secured against inbound and internal email threats. This provides more comprehensive protection than a traditional secure email gateway (SEG) can.
To protect against inbound email threats, Abnormal’s Inbound Email Protection solution creates a risk profile for all inbound communications. Safe emails are delivered securely to the inbox, spam is delivered to the user’s “junk” folder, and emails that are deliverable, but may be suspicious, are delivered with a contextual warning banner that notifies the end user to be wary. Abnormal also rewrites the URLs of any potentially malicious emails, preventing users from being redirected to phishing websites.
Abnormal’s Account Takeover Protection feature uses an AI engine that analyzes all emails against over 45,000 indicators of compromise, such as login frequency, location, and communication patterns. This allows it to detect anomalies in the sender’s behavior, helping to quickly identify and mitigate internal and vendor account compromise. Compromised accounts are automatically disarmed by logging users out of active sessions and blocking their access, thereby reducing the spread of an attack.
Abnormal Security’s platform deploys natively in the cloud and offers seamless Google Workspace and Microsoft 365 integration via API, meaning that users benefit from Abnormal’s protection without having to turn off the in-built security features offered by Microsoft Defender. We recommend Abnormal as a powerful email security platform for organizations of all sizes, and particularly those using a Microsoft email client.
Armorblox is a machine learning-powered, cloud-based email security solution that effectively defends against phishing, malware, and social engineering attacks. Using natural language understanding (NLU), it analyzes email content to detect indicators of phishing attacks and compromised accounts. Armorblox safeguards users by sandboxing suspicious material, adding warning banners to suspicious emails, and offering detailed analytics for future attack prevention.
The intuitive dashboard provides a clear timeline of email threats and a breakdown of threat types (e.g., graymail, extortion, payroll fraud) and at-risk departments (e.g., finance, legal, marketing). This empowers administrators to understand the nature of the threats faced by their organization, and to tailor remediation efforts accordingly. Admins can access granular data on each threat, including affected domain addresses, violated policies, and control over remediation actions.
Armorblox is designed for deployment in various settings, with a specific focus on combating financial fraud. It goes beyond local networks by conducting supplier risk assessments, thereby reducing the risk of business email compromise (BEC) and extortion. We recommend Armorblox to organizations seeking advanced protection against email fraud, including phishing, social engineering, and account compromise.
Avanan, a Check Point company, offer an integrated cloud email security solution for Microsoft 365 and Google Worksapce. Avanan protects organizations from advanced and targeted email threats, including spear-phishing and account compromise. The service can be deployed via API-based integration within a few minutes, without requiring any MX record changes.
Avanan provides full visibility and protection against threats that are inside the Office 365 environment. Their anti-phishing tools utilize machine learning (ML) algorithms to detect malicious emails threats that are missed by email gateways and Microsoft’s default security systems. Avanan use ML models to analyze over 300 indicators of phishing attacks, providing powerful phishing and account compromise detection, all before a message enters the inbox.
Avanan also offers protection for Slack and Teams to prevent phishing and malware across company communication channels. Avanan offer a powerful email security platform, which we recommend for Microsoft 365 and Google Workspace users looking for anti-phishing, anti-malware, and account compromise protection.
Darktrace offers a cloud-native email security service, protecting against phishing and other email threats, account takeover, and accidental data loss. Darktrace specializes in AI-powered network security solutions. Their email security platform utilizes artificial intelligence to understand your email networks and proactively prevent suspicious content from reaching your users. It effectively combats advanced email attacks like sophisticated phishing, account takeover, and domain spoofing.
By learning the typical behaviors of your email users, Darktrace’s AI engines can detect anomalies and automatically remediate suspected incidents, including phishing, account compromise, and misaddressed email sending. The platform is fully cloud-based and can be easily integrated into Microsoft 365 within minutes through API connections.
Darktrace offers an effective additional layer of security to the built-in controls of Microsoft 365, extending its threat protection to Microsoft Teams, SharePoint, and OneDrive.
Egress offers an ‘Intelligent Email Security’ suite that includes multiple controls to secure email messages, including cloud email security, outbound email data loss protection, and a leading secure email encryption service. Egress uses machine learning detection technologies to reduce the risk of email threats and prevent data and information loss.
Egress Protect is an ICES solution which prevents phishing threats, including business email compromise. It places warning banners on suspicious email content in real-time and provides insights to IT admins around at risk accounts and highlighted threats. Egress analyzes contextual email content, including the urgency and tone of messages, to detect phishing even when there is no outright malicious content detected.
In addition, Egress also offer Prevent, a solution which uses this same technology to eliminate human error in the email chain, such as misaddressed emails and file sharing. This mitigates against compliance breaches and data loss and can be combined with DLP rules to prevent insider risks. Egress also offers an encryption platform which enables secure, AES 256-bit email encryption, with the choice of push and pull delivery models.
Inky is a cloud-based email security solution that effectively prevents sophisticated phishing and malware attacks in Microsoft 365 and Google Workspace. Inky combines machine learning detection engines and warning banners to provide robust protection. The platform performs instant scanning of inbound, internal, and outbound email messages for phishing attempts, impersonation attacks, and malware.
Inky’s platform displays customizable banners on all email messages, indicating their safety level—they can be deemed safe, potentially malicious, or harmful. Admins have the flexibility to send suspicious emails to quarantine or allow users to make judgments on their own. The solution works across devices and email platforms, making it suitable for remote organizations and users with personal devices. It seamlessly integrates with Microsoft 365, providing an additional layer of email protection alongside EOP or a secure email gateway solution.
We would highly recommend Inky to organizations seeking an intuitive cloud-based email security platform focussed on preventing phishing attacks and impersonation attempts.
Market leading email security provider Mimecast offers a dedicated AI-powered, cloud-integrated email security service built specifically for security Microsoft 365. This service is currently available in the US and the UK. The service deploys in just a few minutes and improves native M365 security controls, leveraging Mimecast’s industry leading threat detection capabilities to prevent malware and phishing scams.
Mimecast offers leading threat intelligence data, securing more than 40,000 customers and inspecting over a billion emails daily. This data is used to power machine learning algorithms that detect phishing by analyzing email content, including body and subject analysis, alongside end user reporting, attachment scanning, and spam filtering controls. A comprehensive threat dashboard highlights why emails have been blocked, with full visibility into your email risk assessments. Contextual warning banners are placed on suspicious email messages, and are updated in real-time, across inboxes and devices.
Tessian offer a complete cloud-based email security package with its Intelligent Cloud Email Security Platform. Tessian detects and prevents advanced email threats, including spear phishing, account compromise, and ransomware. In addition to this, it also protects against internal email risks, such as sending emails to the wrong person, and other employee mistakes. The platform is designed to work seamlessly to enhance Microsoft 365’s default security controls.
Tessian helps teams to prevent misaddressed emails and files, automatically preventing data loss and insider risks, and uses historical email data to establish ‘normal’ communication patterns for an organization. By looking at the context of email messages the platform can protect against advanced email threats such as phishing, business email compromise, and impersonation. Malicious messages are automatically quarantined, with warning banners placed on messages to encourage users to be vigilant about harmful email content.
Tessian is a strong email security services, particularly for regulated industries aiming to minimize human error while improving security against phishing and account compromise, particularly for Microsoft 365. As of November 2023, Tessian has entered into an agreement to be acquired by Proofpoint, a leading email security and compliance provider.
Trustifi is a leading cloud-based provider of email security and encryption solutions. It empowers organizations to defend against email threats and protect sensitive data. Trustifi’s Inbound Shield conducts real-time scanning of email content, effectively detecting and mitigating malicious links, harmful attachments, and phishing attacks. For outbound messages, Trustifi offers secure email encryption with a convenient ‘One-Click Compliance’ feature.
Trustifi’s comprehensive email security solution includes inbound threat protection, safeguarding against phishing, spoofing, impersonation attempts, business email compromise, and spam. All of these security measures can be conveniently managed from a centralized admin dashboard, with customizable policy configurations to meet specific needs. Trustifi also offers a powerful encryption platform, which automatically encrypts sensitive email content to ensure data protection and legal compliance. Recipients can access encrypted emails directly from their inbox, with a robust two-step verification process for secure authentication.
Trustifi seamlessly integrates with Microsoft 365 and is particularly well-suited for organizations seeking easy-to-use email encryption for compliance purposes and robust inbound email security.
FAQs
What Is Integrated Cloud Email Security?
Integrated cloud email security (ICES) solutions are cloud-native email security platforms designed to protect cloud-based email platforms, such as Microsoft 365. They protect against sophisticated phishing threats that can bypass the conventional, static controls utilized by SEG services and are much easier to deploy than traditional email security services.
How Does Integrated Cloud Email Security Work?
Integrated cloud email security (ICES) solutions seamlessly integrate into the inbox environment and can be deployed through an API connection or by implementing mail flow rules. By directly scanning the inbox environment, ICES effectively address gaps present in SEG services. This capability enables them to scan internal emails, a task that traditional SEGs have struggled to accomplish. Additionally, these tools possess the ability to promptly remove potentially malicious email content from all mailboxes, even after an email has already been delivered.
They often leverage machine learning systems to analyze the content of email messages, including header and body analysis, attachment inspection, and URL sandboxing. As they work inside the inbox, they can add warning banners to email messages, and enable end users to report malicious email content. This can then be automatically quarantined or deleted according to admin policies.
