Email SecurityOn-Premises and Cloud Email Security

Adaptive, intelligent, scalable defense against email-borne threats

Most cyber attacks begin with a single email. And traditional email security systems often fail to detect ransomware, sender impersonation, credential phishing, typosquatting, and other malicious URLs (links) and malware-laden attachments in those emails.

FireEye Email Security is a store-and-forward email analysis solution (MTA) that:

  • Reduces risk of unauthorized access to your people, data and assets
  • Protects your brand and reputation by preventing high-profile breaches
  • Provides the what, who and why of threats and threat actors, optimizing valuable security resources
  • Offers on-premise, cloud and hybrid deployment options
Anatomy of a Spear-Phishing Attack

Anatomy of a Spear-Phishing Attack

Find out how spear-phishing emails are crafted to infiltrate your network and what you can do to protect against them. (video - 3:46 min)

Ineffective email security leads to business disruption

Cyber criminals choose to hide malicious URLs and attachments among the 2151 billion emails we exchange every day. Their attacks can evade anti-spam (AS) filters, anti-virus (AV) software and traditional email security measures. In fact, 91% of cyber crimes begin with a single email 2.

Outdated email defenses such as commodity intelligence, AS filters and AV software give organizations a false sense of security. Attackers take advantage of their overconfidence. Many email security products cannot detect or prevent spear-phishing email campaigns. From ransomware and exfiltration of proprietary data, to credentials harvesting throughout the organization, spear-phishing emails are a reliable and effective way to initiate advanced, targeted attacks. Malware delivered via email can stealthily establish a foothold in companies and operate for months before being detected.

fireeye-infographic-spear-phishing-thumb

FireEye Email Security Advanced Threat Console

FireEye Email Security Advanced Threat Console

Spear phishing, ransomware and other targeted threats

Through well-researched social engineering, attackers craft spear-phishing messages that can convince even the most knowledgeable users to click on a link or open an attachment. Sophisticated criminals use spear-phishing emails as their tool of choice and as the first step for targeted attacks that may include ransomware, sender impersonation, credential phishing and typosquatting, which takes advantage of common spelling or visual errors to present users with malicious domain names that appear to be legitimate, well-known sites.

Ransomware attacks via email are becoming more prominent and effective. Ransomware, once activated, encrypts victim data or computing resources, preventing the victim from accessing those resources until a ransom is paid. The custom encryption used in these attacks can frustrate even law enforcement agencies. FireEye Email Security protects organizations from ransomware by preventing malicious email from reaching intended targets.

Highly advanced threat actors also devise attacks that shift from email traffic to Internet or intranet traffic to quietly infect other machines or communicate with command-and-control servers. These multi-flow, multi-stage attacks are nearly impossible for traditional security solutions to pinpoint. Such solutions only look for specific bits of code or obvious signs of compromise. A critical individual step in the attack process may be deemed innocuous and therefore completely ignored.


True protection from email-borne attacks

Without the ability to identify, analyze and expose targeted campaigns, attacks cannot be stopped before they reach their victims. FireEye Email Security closes this security gap with timely, comprehensive FireEye intelligence, and proactive inspection of emails for zero-day exploits, malware hidden in archive and other attachments, malicious URLs and behavioral anomalies.

FireEye Email Security reduces the risk of email-borne cyber attacks, targeted at your people, data and assets, to protect your intellectual property, brand and reputation. Because FireEye Email Security is easy to deploy and configure it reduces your operational costs and increases the effectiveness of your security teams.

Email Threat Prevention Cloud Dashboard

Email Threat Prevention Cloud Dashboard


Choose your solution

On-premise email security

FireEye Email Security (EX series) is an on-premise appliance that protects organizations from advanced email attacks. To block spear-phishing emails, FireEye Email Security analyzes every attachment and URL using the purpose-built FireEye Multi-vector Virtual Execution™ (MVX) engine.

Comprehensive FireEye Advanced Threat Intelligence (ATI), which includes real-time updates from the entire FireEye security ecosystem combined with attribution of alerts to known threat actors, provides the context required to help prioritize and act on critical alerts. It also supports importing custom YARA rules to analyze threats specifically targeted at an organization.

Cloud email security

With no hardware or software to install, FireEye Email Threat Prevention Cloud (ETP) is an ideal solution for organizations migrating their email — either partially or completely — to the cloud. It eliminates complexity, supports business agility and can be deployed in minutes.

FireEye ETP integrates seamlessly with cloud-based email systems, allowing businesses to easily move from an on-premise email system to a cloud solution such as Office 365 with Exchange Online Protection. While Exchange Online Protection does include basic security at a nominal cost, today’s targeted attacks require a stronger email defense. When combined with Exchange Online, FireEye ETP provides comprehensive protection from targeted attacks faster and more accurately than Exchange Online Protection alone.


Powered by Proven Intelligence

FireEye Email Security integrates with the entire FireEye platform to share actionable threat intelligence in real time. It provides valuable insights that can be applied across your organization, from alert prioritization to corporate risk management.

The MVX engine performs over 50 billion virtual machine analyses daily and updates the FireEye global ecosystem, which includes FireEye Email Security, every 60 minutes with its findings. The FireEye Dynamic Threat Intelligence (DTI) cloud gathers and distributes this new threat intelligence to the MVX engine every hour to catch evolving threats.

FireEye Email Security can be configured to include Advanced Threat Intelligence (ATI), which delivers information correlating validated alerts to known threat actors and their tactics, techniques and procedures (TTPs). This context gives your security teams the information and guidance they need to respond to threats far more quickly than they could with an isolated alert.

Close the Gap with FireEye Email Security

FireEye Email Security protects people, data and assets from ransomware, impersonation fraud, typosquatting, credential phishing and evasion using password-protected files. The MVX engine analyzes emails for hard-to-detect exploits and attacks hidden in attachments and URLs. This detection takes place in real time, immediately blocking attacks while providing security practitioners with relevant insights into cyber attacks and the criminals that launch them. Controlled live-mode analysis detects attacks that span multiple phases, involve encrypted malware, and those seeking to evade sandbox and emulation technologies. Retroactive alerts are provided for malware objects discovered to be malicious based on emerging intelligence.

FireEye Email Security integrates easily with FireEye Network Security to protect organizations from blended attacks. Together, they correlate emails leading to malicious content with network traffic to link web-based attacks back to an original spear-phishing email and threat actor.

FireEye Email Security capabilities continue to evolve and expand alongside the entire FireEye portfolio to meet the diverse needs of organizations of all sizes and security maturities.

“FireEye platforms detect compromises within minutes and quarantine malicious files or emails, and then enable us to quickly track down affected machines and contain the threat, even when devices are off-network.”

- Government Research Firm


Understand Why Spear Phishing Attacks Are Successful and How to Stop Them

A practical how-to guide for combating spear phishing threats.

Download White Paper 

Advanced Security for Cloud-Based Email Services

Learn why cloud-based email is a prime vector for advanced attacks and how you can strengthen your email security.

Download White Paper 

Frost & Sullivan Advanced Malware Sandbox Market Analysis

Advanced malware uses evasion techniques to bypass traditional security methods. See how FireEye is the market leader in advanced malware sandbox detection technology.

Read the excerpt 

Defend Against a New Breed of Email-Based Cyber Attacks

Gartner offers best practices for email security.

Download Now 


1 http://www.radicati.com/wp/wp-content/uploads/2015/02/Email-Statistics-Report-2015-2019-Executive-Summary.pdf

2 https://www.wired.com/2015/04/hacker-lexicon-spear-phishing