Egress Defend datasheet

Behavior-based email security that detects and prevents advanced phishing attacks
Published on 30th May 2024

Egress Defend uses AI to detect and prevent the full spectrum of advanced phishing attacks. Leveraging machine learning, natural language processing, and natural language understanding, Egress Defend detects the attacks that get through native security and Secure Email Gateways, including business email compromise.

Part of the Egress Intelligent Email Security suite, Egress Defend leverages an adaptive security architecture, automatically adjusting its security controls based on real-time risk assessments.

Key benefits:

  • Protects organizations against the full spectrum of phishing attacks
  • Uses an adaptive secure architecture to automatically adjust inbound security controls based on risk
  • Real-time teachable moments augment security awareness and tangibly reduce risk
  • Significantly lowers administration overhead with intelligent self-learning threat detection
  • Increases employee productivity with automatic classification and relocation of graymail
  • Augments MS 365 native security to detect advanced phishing attacks
  • Automated deployment in the mail flow to avoid the risks inherent in API-only implementations
  • Lowers time to respond and remediate email-related incidents
Egress Defend dashboard interface, showing dangerous and suspicious emails in your organization in numbers and charges, top types of phishing and more

Actionable intelligence for rapid incident investigation

Intelligent anti-phishing detection

Egress Defend inspects emails using a combination of intelligent technologies, including machine learning, social graph and natural language processing. By learning email behaviour patterns, it detects anomalies that are indicative of advanced phishing threats that get through native email security and secure email gateways.

This allows Defend to detect email attacks early in the cyber kill chain, protecting against threats such as ransomware. Defend’s self-learning detection technologies require minimal configuration and ongoing maintenance from admins. Plus, M-SOAR capabilities provide actionable intelligence for rapid incident response and remediation to reduce MTTR.

Key benefits:

  • Detects and prevents advanced phishing attacks that evade existing email security
  • Protects against ransomware by detecting email attacks early in the cyber kill chain
  • Detects anomalous behaviours using intelligent technologies, including machine learning and natural language processing
  • Detects QR codes within emails to protect users from quishing attempts
  • Engages and empowers users with color-coded, contextual warnings embedded in emails
  • M-SOAR capabilities enable rapid incident investigation and remediation
  • Augments existing email security or the native security provided by your email platform


Unlock more value from your existing technology ecosystem investment through native Egress integration with Microsoft 365, SIEM/SOAR, Security Awareness & Training and more.

Dynamic anti-phishing controls that lower admin overhead

The Egress Security Center provides on-demand visibility of each user’s risk level, including a human risk score generated using aggregated data from Egress Defend, open-source intelligence, and other solutions within an organization’s security ecosystem. When a user’s risk score reaches a high-risk threshold, Egress Defend will dynamically adapt its controls to prepare customers for phishing threats before they materialize.

Reduce user friction by engaging only when risk is evident

Egress Defend engages users with contextual, color-coded warning banners embedded in neutralized phishing emails.

These real-time teachable moments reinforce security awareness training at the point of risk using real threats, increasing its effectiveness and helping to realize a better ROI. People are educated on why a phishing email has been flagged as dangerous, instead of it being automatically quarantined.

Download PDF