Email SecurityOn-Premises and Cloud Email Security
Adaptive, intelligent, scalable defense against email-borne threats
Most cyber attacks begin with a single email. And traditional email security systems often fail to detect ransomware, sender impersonation, credential phishing, typosquatting, and other malicious links and malware-laden attachments in those emails.
FireEye Email Security:
- Reduces risk of unauthorized access to your people, data and assets
- Protects your brand and reputation by preventing high profile breaches
- Provides the what, who and why of threats and threat actors, optimizing valuable security resources
- Offers on-premise, cloud and hybrid deployment options
Anatomy of a Spear-Phishing Attack
Find out how spear phishing emails are crafted to infiltrate your network and what you can do to protect against them. (video - 3:46 min)
Ineffective email security leads to business disruption
With 2.6 billion emails exchanged every day, cyber criminals
increasingly choose to hide malicious links and attachments in email
to evade spam filters, antivirus (AV) software and traditional email
security measures. In fact, 91% of cyber crimes begin with a single
Many email security products cannot detect or prevent spear-phishing email campaigns. Using email, threat actors can gain access to an organization’s most sensitive and important information. From ransomware and exfiltrating proprietary data, to harvesting credentials throughout the organization, email is a reliable and effective delivery method for advanced, targeted attacks. The malware that email leads to can stealthily establish a foothold in companies and operate for months before being detected.
FireEye Email Security Advanced Threat Console
Spear Phishing, Ransomware and other Targeted Threats
Outdated email defenses such as commodity intelligence, spam filters and AV software give companies a false sense of security. Attackers take advantage of their overconfidence. Through well-researched social engineering, they craft spear phishing messages that can convince even the most knowledgeable users to click on a link or open an attachment. Spear phishing is the tool of choice of sophisticated criminals and the first step of targeted attacks that may include ransomware, sender impersonation, credential phishing and typosquatting.
Ransomware attacks via email are becoming more prominent and effective. Ransomware, once activated, encrypts victim data or computing resources, preventing the victim from accessing those resources until a ransom is paid, usually with untraceable cyber currency such as Bitcoin. The custom encryption used in these attacks can frustrate even law enforcement agencies. FireEye Email Security automatically protects organizations from ransomware by preventing malicious email from reaching intended targets.
Highly advanced threat actors will also often devise attacks that shift from email traffic to internet or intranet traffic to quietly infect other machines or communicate with command and control servers. These multi-flow, multi-stage attacks are nearly impossible for traditional security solutions to pinpoint. Such solutions only look for specific bits of code or obvious signs of a compromise. A critical individual step in the attack process may be completely ignored as innocuous.
True Protection from Email-Borne Attacks
Without the ability to identify, analyze and expose targeted campaigns, attacks cannot be stopped before they reach their victims. FireEye email security solutions close this security gap. They are powered by up-to-the-minute, comprehensive FireEye intelligence and proactive inspection of emails for zero-day exploits, malware hidden in archive attachments, malicious URLs and behavior anomalies.
FireEye email security solutions reduce the risk of email-borne cyber attacks on your people, data and assets to protect your brand and reputation. Because FireEye email security solutions are easy to deploy and configure, they enable you to reduce operational costs and increase the effectiveness of your security teams.
Email Threat Prevention Cloud Dashboard
Choose your solution
On-Premise Email Security
The FireEye EX series is an on-premise appliance that protects organizations from advanced email attacks. To block spear-phishing emails, FireEye Email Security analyzes every attachment and URL using the purpose-built FireEye Multi-Vector Virtual Execution (MVX) engine.
Email Security can include comprehensive FireEye threat intelligence as an option, which includes real-time updates from the entire FireEye security ecosystem combined with attribution of alerts to known threat actors — valuable context that only FireEye can provide.
Email Security also supports importing custom YARA rules to analyze organization-specific threats.
Cloud Email Security
With no hardware or software to install, FireEye Email Threat Prevention Cloud (ETP) is an ideal solution for organizations migrating their email — either partially or completely — to the cloud. It eliminates complexity, supports business agility and can be deployed in minutes.
FireEye ETP integrates seamlessly with cloud-based email systems, allowing businesses to easily move from an on-premise email system to a cloud solution such as Office 365 with Exchange Online Protection. While Exchange Online Protection does includes basic security at nominal cost, today’s targeted attacks require a stronger email defense. When combined with Exchange Online, FireEye ETP provides comprehensive protection from targeted attacks faster and more accurately than Exchange Online Protection alone.
Powered by Proven Intelligence
FireEye email security solutions integrate with the entire FireEye platform to share real-time threat intelligence that only FireEye provides.
The FireEye MVX engine performs over 50 billion virtual machine analyses daily and updates the FireEye global ecosystem every 60 minutes with its findings. The FireEye Dynamic Threat Intelligence (DTI) gathers and distributes this new threat intelligence to the MVX engine every hour to catch evolving threats.
The EX Series products can be configured to include Advanced Threat
Intelligence (ATI), which delivers information correlating validated
alerts to known threat actors. This context gives your security teams
the information and guidance they need to respond to threats far more
quickly than they could with an isolated alert.
Close the Gap with FireEye Email Security
FireEye Email Security protects people, data and assets from ransomware, impersonation fraud, typosquatting and credential phishing. The FireEye MVX engine analyzes emails for hard-to-detect exploits and attacks hidden in attachments and URLs. This detection takes place in real time, immediately blocking attacks while providing security practitioners with relevant insights into cyber attacks and the criminals that launch them.
FireEye Email Security is a store and forward email analysis solution that blocks phishing emails and thwarts these types of ransomware attacks. It also detects URLs contained within email messages that appear correct yet are actually malicious (typosquatting), thus protecting end users from clicking on them. Additionally, FireEye’s credential phishing solution protects end users from sharing their credentials on websites that were compromised by attackers to appear as if they represent a trusted web source. FireEye's controlled live-mode analysis detects attacks that span multiple phases, involve encrypted malware, and evade sandbox and emulation technologies.
FireEye Email Security also integrates easily with FireEye Network Security to protect organizations from blended attacks. Together, they correlate email leading to malicious content with network traffic to link web-based attacks back to an original spear-phishing email and threat actor.
“FireEye platforms detect compromises within minutes and quarantine malicious files or emails, and then enable us to quickly track down affected machines and contain the threat, even when devices are off-network.”
- Government Research Firm
A practical how-to guide for combating spear phishing threats.
Advanced malware uses evasion techniques to bypass traditional security methods. See how FireEye is the market leader in advanced malware sandbox detection technology.