IRONSCALES is an exceptional solution to prevent phishing attacks due to the strength of Themis, it's AI-powered email security platform.
IRONSCALES is a phishing protection solution, not a traditional spam filter. The platform’s goal is to identify and block advanced email threats such as spear phishing, business email compromise, and account impersonation, and it does this very well. Like a scalpel, IRONSCALES precisely and accurately removes targeted phishing threats. With the IRONSCALES email security platform, businesses can effectively secure their users’ inboxes against targeted threats, as well as educate their users on the risks of email threats via warning banners (and, where needed, security awareness training). IRONSCALES is an exceptional solution to prevent phishing attacks due to the strength of Themis, it's AI-powered email security platform.
IRONSCALES is a US-based cybersecurity provider that specializes in cloud email security but has expanded their offering to include security awareness training and protection for the Microsoft Teams cloud messaging platform. The IRONSCALES email security platform works at the mailbox level to identify suspicious email activity and either warn users that an email may be unsafe, or automatically remove threats from all user inboxes. Powered by a combination of artificial intelligence and crowd-sourced human intelligence, IRONSCALES offers effective protection against sophisticated phishing attacks, account compromise, and VIP impersonation.
IRONSCALES operates at the mailbox level within Microsoft 365 and Google Workspace. This means that any emails it scans have already been scanned by Microsoft or Google for SPF, DKIM and DMARC authentication checks plus any spam and malware scanning operated on those platforms.
The platform uses machine learning to detect highly targeted emails that may have slipped through. To do this, IRONSCALES’ machine learning engines use contextual analysis to identify malicious or unusual behaviors, considering factors such as domain, send time, attachments, sender location, and content language. Emails that are flagged as malicious—even though they may have come from a legitimate domain—are blocked as phishing, without having to block all emails from that sending domain.
IRONSCALES’ Email Protect and Complete Protect packages include malware scanning of attachments and URL links; however, IRONSCALES doesn’t offer “click to scan” for URL links, which some other platforms offer.
When a threat is detected in your user’s inbox, IRONSCALES remediates that threat across the inboxes of all their clients, not just your organization. This is one of the platform’s key differentiators, and one of the main reasons why it is so effective. If another IRONSCALES client reports an email as phishing, their IT team can make a note on why that email has been classed as phishing. IRONSCALES then pushes out this intelligence automatically to all their clients, enabling them to detect phishing emails that would otherwise be missed by computer scanning. This is true of threats detected by IRONSCALES’ machine learning engines, as well as those reported by users via the “Report phishing” button.
If an email is flagged as suspicious but is delivered to a user’s inbox in line with policies, IRONSCALES automatically injects a warning banner at the top of the email with details on its risk level. The banner indicates whether the email is high risk and why, e.g., the email is from a first-time sender, includes language typical of compromise attempts, or may have been sent from a spoofed address. This ensures that the user is aware of the risk and interacts with the email with caution.
Admins can customize banners to add their company logo and escalation point of contact details.
Admins can implement IRONSCALES’ “Report phishing” button directly within each user’s inbox. This works on all devices and allows users to report suspicious emails—both phishing simulations and genuine threats—to their IT or security team. When an end user reports an email, IRONSCALES will either quarantine the email or inject a warning banner where other users have received the same or a similar email, as per admin-configured policies.
This button is extremely easy for end users to interact with, and helps to reduce dwell time of threats, while enabling admins to easily monitor the results of phishing campaigns when users are also utilizing IRONSCALES for security awareness training. You can read our full review of IRONSCALES Security Awareness Training here.
If an email reaches a user’s inbox but then is subsequently flagged as phishing, IRONSCALES can automatically remove that email from the inboxes of all users that have received it.
IRONSCALES clusters similar types of email, so if several users have each received a phishing email that is subtly different, IRONSCALES can detect this and delete the emails together. This ability to cluster and remediate is a powerful feature that can save admins in larger organizations a lot of time in dealing with phishing attacks.
As part of the Complete Protect package, IRONSCALES scans all links shared in Microsoft Teams and automatically blocks any malicious content, replacing it with an alert that warns the user as to why the link was blocked. Admins are alerted to all security events within Teams via email, and can access reporting on incidents via the management dashboard and mobile app.
IRONSCALES’ email security platform is compatible with both Microsoft 365 and Google Workspace.
The platform integrates seamlessly with Microsoft 365 environments via Graph API, without the need to configure new mail flow rules or change MX records. Deployment within Microsoft 365 takes around 5-10 minutes. In a Google environment, it takes up to an hour.
The platform offers lots of powerful functionality, but the user interface takes some getting used to. Since the product was first launched, IRONSCALES has developed and evolved, with lots of new features being added. Each time a new feature has been added, they’ve added new tab, menu, or dashboard options, making the user interface somewhat cluttered and occasionally tricky to navigate.
IRONSCALES is available via three packages, but note that the email security features are only available within two of these:
These prices are based on businesses with under 500 mailboxes. IRONSCALES offers volume discounts for larger organizations, and special pricing for education and government institutions, which can be found on their website.
IRONSCALES is offers highly effective protection against advanced email threats such as spear phishing and business email compromise, as well as security for Microsoft Teams to help identify and remediate account takeover attacks. It is not a spam filtering solution and should be used alongside an email gateway solution to prevent sophisticated attacks that a traditional gateway cannot detect. Its ease of deployment and ongoing management make IRONSCALES suitable for small- and mid-sized businesses, but the platform is also highly scalable and well-suited to serving larger enterprises.
Because of its easy, native integration with Microsoft 365 and support for Microsoft Teams, we particularly recommend IRONSCALES as a strong phishing protection solution for organizations using an Exchange or Outlook email client.
IRONSCALES is not a spam filtering solution; it is a phishing protection solution. The platform was designed to identify and remediate advanced email threats such as spear phishing and business email compromise, and it does this very effectively, precisely and accurately removing targeted phishing threats like a scalpel. The platform is feature rich and—though the interface is a little cluttered and takes some getting used to—enables businesses to effectively secure and monitor their users’ inboxes for targeted threats, as well as educate users on the risks of email threats via warning banners.
IRONSCALES as a strong phishing protection solution for organizations of any size using Microsoft 365 or Google Workspace for email. We recommend that any organizations looking for heightened protection against social engineering attacks consider implementing IRONSCALES to bolster their existing email security gateway.
API within Office 365 & G Suite, Install on Exchange