Upgrade Magazine

HEADLINES

Sophos’ email security software just got smarter with artificial intelligence

Sophos has announced Sophos Email Advanced, the first email protection solution to offer predictive security with active threat protection (ATP), anti-phishing email authentication, and outbound scanning and policy support. 

SophosLabs research discovered that 75 per cent of malware in an organization is unique to that organization which indicates the majority of attacks are zero-day. The only way to combat that is with the deep learning neural network that is integrated into the Sophos Email sandboxing technology to quickly identify never-before-seen malicious files sent in email.

Email continues to be a primary attack vector for cybercriminals to launch a spear-phishing, localized or ‘spray and pray’ campaign. Sophos processes data from more than ten million inboxes protected by Sophos Email every day. Approximately 80 per cent of the emails categorized as spam are found to have a malicious payload. As we have seen over the past few years, email is also the primary method used to spread ransomware.

A recent study by Sophos showed that more than 50 per cent of organizations worldwide have suffered a ransomware attack in the last 12 months. Sophos Email Advanced includes CryptoGuard technology in the sandbox to stop ransomware before it makes it to your employee’s inboxes. Another primary defense against ransomware and phishing attacks is Time-of-Click protection, which scans the URL at the time of click, preventing stealthy and delayed attacks. Outbound scanning and multiple policy support can prevent a compromised organization from unintentionally forwarding malware or sending spam out to customers or partners, reducing the community impact of an attack and protecting an organization’s reputation.

New features in Sophos Email include:

Active Threat Protection (ATP)

  • Sophos Sandstorm cloud sandbox and advanced URL protection  
  • Artificial intelligence built into Sophos Email sandboxing is able to detect and block unknown malware. 
  • Time-of-Click advanced URL protection checks the website reputation or email links before delivery and at the time you click –blocking stealthy, delayed attacks
  • Time-of-Click advanced URL protection checks the website reputation or email links before delivery and at the time you click –blocking stealthy, delayed attacks

Anti-Phishing Email Authentication

  • Combination of SPF, DKIM, and DMARC authentication techniques and email header analysis 
  • Sender Policy Framework (SPF) to declare and verify who can send e-mails from a given domain
  • Domain Keys Identified Mail (DKIM) e-mail authentication system based on asymmetric cryptographic keys
  • Domain Message Authentication Reporting & Conformance (DMARC) to determine what to do when messages fail SPF or DKIM checks

Outbound Scanning and Multi-Policy Support

  • Spam and virus scanning of outbound email scans to prevent unintended distribution of threats and protect reputation
  • Customized security policies can be created for individuals, groups or the whole domain in minutes

Deployment and Data Processing Location Options

  • Available through Sophos Central cloud-based management platform
  • Sophos Secure Email Gateways can be deployed as an on-premise appliance or within the newest version of the Sophos XG Firewall
  • Message processing centers in Ireland, USA, and Germany
  • Sophos Sandstorm locations in Ireland, USA, and Japan

Sumit Bansal, Managing Director of ASEAN and Korea at Sophos said, “We’ve seen cloud-based platforms such as Office365 and Google G-suite grow at an exponential rate. However, with these rates of growth, organisations need to ensure that they have advanced security solutions that can keep up, adapt, and work seamlessly with the growth. These solutions need to be able to detect zero-day threats and the increasingly advanced nature of today’s malware. Cybercriminals now have access to threats that are customisable to deliver more complex attacks, and we’ve seen these in the form of Ransomware-As-A-Servce (Raas) and packaged malware kits targeting emails specifically. Regardless of size, every organisation’s IT department will need to deploy smarter, predictive security to detect, deal and deny today’s sophisticated threats. Solutions such as Sophos Email Advanced, managed through the Sophos Central cloud can deliver the highest and most efficient protection to secure their email platforms.”

When managed through the Sophos Central management platform, Sophos Email is a key pillar of an integrated data protection system for the end user. IT professionals can manage Intercept X endpoint protection alongside Sophos Email Advanced and Phish Threat user awareness training, providing a stronger defence to detect and block threats, and train users against being the weakest link in their security strategy. Threat data from Sophos Email Advanced can enhance Synchronised Security intelligence and contribute to the overall community intelligence within SophosLabs.

Enedel Rivera, Service Desk Supervisor, Lanspeed, who participated in the early access program for Sophos Email Advanced, said, “We have seen first-hand that Sophos Email Advanced can stop malware that could previously penetrate systems easily. Through the beta program, we found Sophos Email Advanced is highly effective in reducing the amount of spam that could reach end users and this solution is effortlessly managed within Sophos Central.”

Gavin Wood, Technical Director, Chess ICT who also participated in the early access program said, “We work hard to stay current on the latest security technology, especially with the ever-evolving threat landscape. As a Sophos partner, we are continually impressed by the product roadmap and consistent solution improvements. Sophos Email Advanced is highly effective in stopping even the most advanced malware and reducing the amount of spam reaching end users. We look forward to offering Sophos Email Advanced to our clients, where email protection can be seamlessly managed within Sophos Central.”

To sign up for a free 30 day trial, click here.

To Top