Stop advanced phishing attacks with Egress Defend

• Contextual HTML warning banners. Color-coded (heat-based) warning system immediately alerts users to the level of risk when engaging with an email.

• Real-time teachable moments. Simple language explains which aspects of an email indicate a threat, providing employees with coaching-in-context at the point of risk and augments into Security Awareness and Training (SA&T).

• Cross platform. Optimized to provide advanced protection on any device or interface (desktop, mobile, and web).

• M365 integration. Integrates seamlessly into MS Outlook apps on Windows Desktop, Mac, iOS, and Android, including integration with MS Safelinks.

• Interactive prompts. Users can be prompted if they attempt to violate advice by integrating with Egress Prevent.

• Intelligent recommendations. Provides intelligence and actions to the user based on the threat level.

• Link rewriting. Stops time-based attacks by rewriting links and checking at time-of-click. Unsafe links are redirected to a warning page with contextual details and used as teachable moments.

• Real-time cyber intelligence. Tailor threat models, assess risks, and roll out additional security measures based on the most up-to-date threat data

• Detailed reporting and analytics. Provide clear visibility into potential threats targeting individual users

• User risk. Highlight the users that are the highest risk within an organization and offer actionable insights

• Trending and abnormal behaviour. Provides actionable insights into unusual trends and behavior at both organization, departmental and individual level

• Threat landscape. Threats are broken down by type and severity to pinpoint areas of immediate concern and demonstrate ROI

• User interaction. Detailed reporting on end user interaction with dangerous emails.

• Communication history. Track and report on end user email communication history detecting attacks such Business Email Compromise (BEC)

• SIEM & SOAR. Output log and threat intelligence data directly into an existing SIEM/SOAR/SOC

Email is a critical part of every business and even small email delays can have a big impact. That’s why Defend is architected with high availability and redundancy at its core, ensuring that your emails are quickly inspected and that they are always delivered.

Defend achieves this by making use of a modern cloud-native architecture in AWS. This utilizes availability zone (which are isolated locations within a region, each being geographically separated), as well as completely independent power, networking, and cooling infrastructure to ensure full redundancy.

The Defend system also makes use of sophisticated SMTP retry and error handing logic, which ensures that if, for example, Microsoft 365 is down, the emails will be properly retried and sent as soon as Microsoft 365 is available again.

This results in Defend being highly available and resilient to infrastructure failures without negatively impacting you, as well as adhering to SMTP/email best practices ensuring your emails always get delivered in a timely manner.

Using the Egress Defend API, integration into a SIEM/SOAR makes it simple to report alongside existing security tools. Egress Defend can output log data in a range of formats via API. For Native Microsoft customers, there is also a Microsoft Sentinel connector available on Azure marketplace.

Egress Defend leverages Microsoft Graph to provide post-delivery remediation capability for administrators. This includes the ability to group and delete heterogeneous phishing events across multiple mailboxes and geographies.