The Top 11 Email Security Gateways

SpamTitan Email Security is a secure email gateway that provides comprehensive protection against email threats like spam, malware, ransomware, and phishing.

How it works: SpamTitan is cloud-based and deployed inline. It scans inbound and outbound emails with powerful spam filtering. It has market leading catch rate of 99.99% and a false positive rate of 0.0003%.

Who it’s for: We recommend SpamTitan Email Security as an easy to manage email security solution for SMBs, enterprises, MSPs, and resellers.

What we like: SpamTitan provides advanced protection against phishing attacks, scanning all inbound emails in real time and filtering out malicious content, including phishing URLs and malicious attachments.

• Provides multi-layered email threat protection, including CEO impersonation protection, phishing detection, URL analysis, attachment sandboxing, ransomware protection, DKIM/DMARC checking, and encryption.
• Comprehensive admin controls, including data loss protection for outbound emails, threat protection policies, reporting, allow/deny lists, and domain policies.
• Easy to deploy for Microsoft 365, with strong documentation and customer support.

Additional capabilities: TitanHQ offers several other email security focused solutions. This includes an API-based phishing protection solution (PhishTitan), email encryption (EncryptTitan), email archiving (ArcTitan), and security awareness training (SafeTitan).

User feedback: SpamTitan is popular with customers, who praise the service for its ease of deployment, cost-effective pricing, and high-quality technical support.

The bottom line: SpamTitan Email Security is an accessible and easy to manage platform, with a comprehensive SEG feature set. The service is simple to use, and easy to deploy, easily integrating with existing email systems. SpamTitan Email Security works well as an extra layer of security for Office 365 accounts.

• TitanHQ was founded in 1999 and secures over 12,000 business and 2,750 MSPs.

IRONSCALES provides fast, powerful protection against threats within the email inbox, such as phishing and Business Email Compromise (BEC).

How it works: IRONSCALES is fully-cloud based and deployed via API with M365 and Google Workspace. It uses AI-driven algorithms, combined with human intelligence from end-users, to identify malicious emails, and automatically remove them from users’ inboxes.

Who it’s for: It’s best suited for Microsoft 365 & Google Workspace environments. Organizations that are happy with their level of spam filtering but need additional protection from account takeover (ATO) and BEC.

What we like: In our testing, IRONSCALES detected phishing threats missed by Office 365 and other leading email security solutions. We highly rate the service for protecting against social engineering attacks, such as phishing and BEC.

• Uses behavior analysis, anomalous activity detection, and user profiling to detect account compromise attacks.
• Includes a customizable ‘Report Phish’ button. According to admin policies, reported emails can be automatically quarantined.
• All emails are assigned a security score. Suspicious emails are automatically quarantined or display warning banners, according to admin policies.
• Comprehensive URL scanning and attachment sandboxing – which also extends to Microsoft Teams.

Additional capabilities: IRONSCALES offers a full suite for security awareness training with customizable phishing simulation templates.

User feedback: Users praise the effectiveness of phishing detection and remediation, the ease of integrations, and the support for antivirus scanning in Microsoft Teams.

The bottom Line: IRONSCALES is a powerful phishing detection and email security platform, which we highly rate for effectiveness. IRONSCALES now also offers protection against malicious links and attachments in Microsoft Teams environments. Read our review of IRONSCALES here.

• IRONSCALES was founded in 2014 and is headquartered in Tel Aviv, Israel.

Trustifi is an email security and encryption platform that secures inbound and outbound email communications against phishing, account takeover, and malware.

How it works: Trustifi is cloud-based and deploys via API. It provides inbound threat detection via text-based email analysis and malware scanning, as well as outbound email DLP with a full encryption suite.

Who it’s for: It is well suited to teams of all sizes looking to deploy a comprehensive inbound email security solution alongside email encryption. It’s very easy to deploy for M365 and Google Workspace.

What we like: In our testing we rated the ease of use and deployment of the solution, particular the end user email encryption process. The solution detects ATO attempts as well as phishing and spam.

• Deploys with pre-configured, default threat detection settings in place so that, once deployed, it instantly provides threat protection.
• Quarantines or removes malicious emails according to per admin policies, with allow/deny controls for known good and malicious domains.
• Offers AES 256-bit encryption for all outbound emails, ensuring compliance with regulatory standards, such as HIPAA, GDPR, and FINRA.
• Granular inbound and outbound email security configurations.

Additional capabilities: Trustifi offers email encryption, account takeover detection, email archiving, security awareness training, and a managed detection and response solution for email.

User feedback: Trustifi is praised by customers for its ease of use, both from an admin and end user perspective.

The bottom line: We recommend Trustifi as a powerful, user-friendly solution for organizations of any size looking to secure their inboxes against threats such as phishing, as well as encrypt their most sensitive email content.

• Trustifi was founded in 2017 and is headquartered in Tel Aviv, Israel.

Abnormal Security is a leading AI-native cloud email security platform. Abnormal goes beyond simple email protection, using machine learning to stop sophisticated inbound attacks and detect compromised accounts in email and connected applications.

How it works: Abnormal is cloud based and deployed via API for M365 and Google Workspace. Abnormal’s AI-powered anomaly detection engine analyzes over 45,000 signals, looking at contextual data from your environment to detect advanced email threats and ATO attempts.

Who it’s for: We recommend Abnormal for organizations using Microsoft 365 or Google Workspace, looking for advanced protection against phishing and account compromise.

What we like: In our testing, we highly rated the admin console, depth of controls available, and user experience.

• Highly effective at detecting social engineering attacks such as phishing and account takeover.
• Automatic detection and remediation of malicious email messages and suspicious login events.
• Comprehensive reporting and admin policy controls to manage configuration changes in your environment.

Additional capabilities: Alongside email security, Abnormal delivers protection for SaaS applications such as Slack, Workday, Salesforce, ServiceNow, Zoom, and Amazon Web Services. It provides comprehensive protection against attacks targeting cloud identities.

User feedback: Abnormal is popular with users, who particularly reference the user interface, easy deployment and powerful threat protection.

The bottom line: Abnormal is a powerful email security platform and a leading alternative to email security gateway providers. Recognized as a ‘Microsoft Preferred Solution’ and selected by Microsoft for its email defense capabilities, Abnormal is trusted by over 15% of Fortune 500 organizations.

• Abnormal was founded in 2015 and secures over 2,000 organizations.

Libraesva ESG is an integrated email security solution which uses multiple protective layers to protect Microsoft 365, Exchange, and Google Workspace.

How it works: Libraesva can be deployed at both the gateway and API layers, protecting internal email communications, as well as outbound and inbound messages before they reach the inbox.

Who it’s for: Mid-sized and large enterprises or educational clients looking for cost-effective email protection with high levels of visibility and customization.

What we like: Libraesva offers a multi-layered solution with a range of capabilities to protect against email fraud, phishing, and BEC.

• Spoofing protection, including SPF, DKIM, and DMARC authentication analysis allowing you to identify and block imposters.
• Admin console provides enhanced visibility into email attacks and trend data for the organizations, benchmarked against Libraesva global data.
• Prevents delivery of malicious files & URLs via deep inspection and documentation sanitation and intelligent link scanning.
• Email continuity, with mobile app for managing M365, Exchange, and Google Workspace.

Additional features: Libraesva also offers email encryption, an email archiving service, a phishing awareness training service, and a comprehensive DMARC protection platform.

User feedback: Users particularly highlight Libraesva for its ease of management, deployment, and comprehensive policies.

The bottom line: Libraesva ESG delivers advanced protection for cloud-based email platforms with complete protection against advanced threats and attacks and is easy to deploy, with granular configurability.

• Libraesva was founded in 2013 and protects over 20,000 users globally.

Proofpoint Essentials is a leading email security solution that covers email and spam filtering, phishing protection, encryption, archiving and continuity, delivered as a single platform, with a single admin console.

How it works: Essentials includes a cloud-based secure email gateway solution, which is deployed inline at the MX-record layer. Emails are directed to Proofpoint’s servers, scanned and delivered safely to inboxes. Proofpoint have also recently added an API-based component for inbox-level scanning.

Who it’s for: SMBs and MSPs looking for a comprehensive email filtering service with easy set-up, deployment, and competitive pricing. Proofpoint is a good option for teams using M365, as it offers Azure Active Directory Sync.

What we like: In our testing, we found Proofpoint to provide extremely effective protection against email threats, with effective spam protection and detection, powerful URL defense and dynamic content filtering.

• Other vendors rely on third party threat intelligence, which can be less accurate. Proofpoint collect and analyze more than 100 billion data points a day from more than 100 million email inboxes, 200 million social-media accounts, and 7 million mobile apps.
• Proofpoint’s admin console is modern, providing granular controls and improved threat reporting.
• Premium features include one-click message pull, predictive URL defense, BEC protection, and predictive warning banners.

Additional capabilities: Essentials is a cost-effective solution, with capabilities such as security awareness training archiving and encryption that would otherwise be expensive add-ons.

The bottom line: With Essentials, Proofpoint provides organizations with enterprise class email security at a cost effective price point.

• Proofpoint is the world’s largest email security vendor, with annual revenues of over $1bn.

Material Security takes an innovative approach to email security, securing sensitive data inside the email inbox as well as inbound email threats such as phishing.

How it works: Material uses machine learning systems, user reports, and customizable language-based rules to detect malicious email content. It also detects sensitive email content and enforces user authentication to control access.

• Material is deployed via API. It sits alongside the native filters provided by M365 or Google Workspace, rather than replacing them. Material can also be run as a fully isolated, private cloud instance.

Who it’s for: Material is used by organizations of all sizes. It can be deployed to all users, or to a subset of ‘VIP’s, who require additional inbox protection.

What we like: Material is an innovative email security platform. It provides granular protection for sensitive email content as well as stopping phishing attacks.

• Scans all historical email content to identify what sensitive data is being stored by users within their inbox and enforces MFA to ensure that it cannot be compromised.
• Provides protection against account takeover attacks by identifying password reset links and 2FA codes sent via email in real-time and enforcing an additional authentication layer.
• Provides a comprehensive overview of all email accounts and flags poor security behaviors, such as forwarding emails to personal email domains.

Additional capabilities: Data protection capabilities also cover Google Drive. Material can be integrated with SIEM, SOAR, user authentication, and awareness training solutions.

User feedback: Material is highly rated for its in-depth integrations, customer support, and comprehensive suite of protection features.

The bottom line: Material is an innovative email security platform with a unique feature set around email security data protection. It can be deployed in less than 30-minutes and requires no MX-record changes.

• Material was founded in 2017 and is used by leading global brands.

Mimecast offer one of the most fully featured SEG solutions on the market as well as a cloud-native integrated email security solution designed specifically for M365 protection.

How it works: Mimecast offer both cloud native email security solution that can be deployed directly into M365 via API integration and a cloud-deployed secure email gateway service, which offers advanced admin features.

Who it’s for: Mimecast is a strong option for enterprise organizations looking for comprehensive email protection.

What we like: Mimecast is one of the leading vendors in terms of threat research and analysis, monitoring over a billion email every day. This gives them a clear edge when it comes to protecting the email channel against malware and phishing across all their security products.

• Robust protection against phishing, malicious URLs and attachments, and spam.
• Integrates browser isolation technologies to prevent web-based malware sent via email channels.
• Low rate of legitimate emails being falsely marked as spam and a high rate of spam and virus blocking.

Additional capabilities: Mimecast offer several other email security solutions, including email continuity, email archiving, risk management, insider threat protection, and DMARC protection.

User feedback: Customers report that Mimecast is quick to deploy, with highly effective email filtering controls.

The bottom line: Mimecast offers a comprehensive email security platform with effective controls for email filtering and phishing protection.

• Mimecast is a leading vendor in the email security space, protecting more than 40,000 organizations globally.

Barracuda are a popular email security provider that offer a comprehensive and cost-effective email security platform.

How it works: Barracuda combines both a cloud-based secure email gateway and API-based inbox level defenses. It’s uses threat detection algorithms and AI to detect email threats in real time.

Who it’s for: SMBs, enterprises, and MSPs looking for an all-in-one email security solution for M365.

What we like: Barracuda leverages AI-powered engines to provide strong protection against all types of threats, with comprehensive admin controls and visibility.

• Strong email protection, using static analysis and sandboxing to protect against both known and unknown threats.
• Stops phishing and impersonation attempts by using AI engines to flag messages containing suspicious and harmful content.
• Protects against malicious URLS with integrated DNS filtering capabilities.

Additional capabilities: Barracuda offer email encryption and archiving, security awareness training, backup for M365, and Zero Trust remote access for Microsoft 365 applications, which continuously verifies user identities to prevent ATO attacks.

User feedback: Customers particularly recommend Barracuda for its customer support, with many reporting that the team is quick to respond and knowledgeable. Barracuda also offers an SMB focused solution: Barracuda Essentials.

The bottom line: Barracuda offers an enterprise-level, multi-layered email security stack for protecting Microsoft 365, at a cost-effective price point.

• Barracuda Networks was founded in 2003. They support over 200,000 global customers.

Leading cybersecurity and technology company Cisco offer a cloud-based email security gateway that secures teams against business email compromise and phishing attacks.

How it works: Cisco Secure Email is cloud-based SEG which is deployed at the MX-layer level. It uses multi-layered detection engines to filter and remediate malicious email content. Cisco also offers an API-based inbox level solution with Cisco Cloud Mailbox.

Who it’s for: Cisco is a strong fit for SMBs and mid-sized organizations, right up to enterprise. The platform is available in three packages with varying features depending on your requirements.

What we like: Cisco offer strong threat analytics and powerful email filtering. Cisco operate one of the industry’s biggest threat intelligence platforms: Talos, which collects data on over 600 billion emails every day.

• Highly effective ransomware protection and real-time URL analysis to protection against phishing links.
• Domain and reputation protection and effective graymail spam protection.
• Automatic remediation of malicious content from inside the email inbox.
• Reporting, search, and policy-based email controls are available from an integrated admin dashboard.

Additional capabilities: One of its core benefits is the tight integration across Cisco’s broad portfolio of market leading security solutions. This includes threat detection and remediation (Cisco Secure X), endpoint security (Cisco Secure Endpoint), SIEM (Splunk), and identity controls (Cisco Duo).

User feedback: Customers report that Cisco Secure Email is easy to use, provides effective protection from spam, and BEC. They also praise the high level of availability that Cisco delivers.

The bottom line: Cisco Secure Email is a comprehensive solution and alongside Cisco’s enterprise security products can be used as part of an integrated organization-wide cybersecurity suite.

• In July 2023 Cisco completed its acquisition of Armorblox, an AI-powered email security platform which is now integrated across Cisco’s email security portfolio.

Defender for Office 365 is Microsoft’s cloud-based email filtering service that augments the default protection offered by the M365 email platform.

How it works: Defender is a seamless integration for M365 users. It scans for malicious threats, URLs, files, and apps in emails, SharePoint, OneDrive, and Teams. It’s sold as an add-on service or is available as standard with some M365 subscriptions.

Who it’s for: SMBs looking to improve phishing and BEC detection, block malicious URLs, and protect files within Microsoft Teams, without purchasing a third-party service.

What we like: Microsoft have developed effective AI engines to automate threat protection, enforce anti-phishing policies, anti-malware protection, and URL scanning.

• Native integration and straightforward deployment for M365; threat protection extends across M365 apps.
• Threat protection policies, reports and investigation, and response capabilities that businesses would not otherwise get with M365 natively.
• Improves detection rates for phishing attempts and BEC.

Additional capabilities: The solution integrates with Microsoft’s Defender XDR endpoint detection and response platform and includes phishing attack simulation on certain subscriptions. It also integrates with Microsoft’s cloud-native SIEM – Microsoft Sentinel for aggregated data and alerting.

User feedback: Customers typically highlight the ease of use and admin policies, but some note that there can be false positives.

The bottom line: Microsoft have invested heavily in Defender for Office 365, and the solution is a strong choice for SMBs looking to invest in an enhanced email security suite for M365.

• Microsoft Defender for O365 was launched in 2020, and is an evolution of Microsoft’s previous enhanced email security module, Office 365 ATP.