CloudMore News

Sophos adds deep learning to Email Advanced solution

Sophos adds deep learning to Email Advanced solution

Sophos has announced Sophos Email Advanced, the first email protection solution to offer predictive security with active threat protection (ATP), anti-phishing email authentication and outbound scanning and policy support

Sophos, a global leader in network and endpoint security, has announced Sophos Email Advanced, the first email protection solution to offer predictive security with active threat protection (ATP), anti-phishing email authentication and outbound scanning and policy support.

SophosLabs research discovered that 75% of malware in an organisation is unique to that organisation which indicates the majority of attacks are zero-day.

The only way to combat that is with the deep learning neural network that is integrated into the Sophos Email sandboxing technology to quickly identify never-before-seen malicious files sent in email.

Email continues to be a primary attack vector for cybercriminals to launch a spear-phishing, localised or ‘spray and pray’ campaign.

Sophos processes data from more than ten million inboxes protected by Sophos Email every day. Approximately 80% of the emails categorised as spam are found to have a malicious payload. As we’ve seen over the past few years, email is also the primary method used to spread ransomware.

A recent study by Sophos showed that more than 50% of organisations worldwide have suffered a ransomware attack in the last 12 months.

Sophos Email Advanced includes CryptoGuard technology in the sandbox to stop ransomware before it makes it to your employee’s inboxes. Another primary defence against ransomware and phishing attacks is Time-of-Click protection, which scans the URL at the time of click, preventing stealthy and delayed attacks.

Outbound scanning and multiple policy support can prevent a compromised organisation from unintentionally forwarding malware or sending spam out to customers or partners, reducing the community impact of an attack and protecting an organisation’s reputation.

“With the growth of cloud-based platforms such as Office365 and Google G-Suite, organisations need an advanced security solution that detects zero-day threats and advanced malware. Ransomware-as-a-Service (RaaS) and packaged malware kits have made it easier for cybercriminals to customise and deliver more complex, targeted attacks through email,” said Bill Lucchini, Senior Vice President and General Manager, Messaging Security Group at Sophos.

“IT needs smarter, predictive security to detect and stop today’s threats. Sophos Central cloud-based management of Sophos Email Advanced can deliver the highest levels of protection to secure any email platform, allowing every user to trust their inbox again.”

When managed through the Sophos Central management platform, Sophos Email is a key pillar of an integrated data protection system for the end user. IT professionals can manage Intercept X endpoint protection alongside Sophos Email Advanced and Phish Threat user awareness training, providing a stronger defence to detect and block threats and train users against being the weakest link in their security strategy.

Threat data from Sophos Email Advanced can enhance synchronised security intelligence and contribute to the overall community intelligence within SophosLabs.

New features in Sophos Email include:

Active threat protection (ATP)

  • Sophos Sandstorm cloud sandbox and advanced URL protection
  • Artificial intelligence built into Sophos Email sandboxing is able to detect and block unknown malware
  • Time-of-Click advanced URL protection checks the website reputation or email links before delivery and at the time you click – blocking stealthy, delayed attacks

Anti-phishing email authentication

  • Combination of SPF, DKIM and DMARC authentication techniques and email header analysis
  • Sender Policy Framework (SPF) to declare and verify who can send e-mails from a given domain
  • Domain Keys Identified Mail (DKIM) e-mail authentication system based on asymmetric cryptographic keys
  • Domain Message Authentication Reporting and Conformance (DMARC) to determine what to do when messages fail SPF or DKIM checks

Outbound scanning and multi-policy support

  • Spam and virus scanning of outbound email scans to prevent unintended distribution of threats and protect reputation
  • Customised security policies can be created for individuals, groups or the whole domain in minutes

Deployment and data processing location options

  • Available through Sophos Central cloud-based management platform
  • Sophos Secure Email Gateway can be deployed as an on-premise appliance or within the newest version of the Sophos XG Firewall
  • Message processing centers in Ireland, USA and Germany
  • Sophos Sandstorm locations in Ireland, USA and Japan