Darktrace's Antigena email technology is powered by self-learning AI that understands the 'pattern of life' of every user and device in your organization. Darktrace's AI builds a sense of what is normal, across the entire digital estate. Antigena email is the only solution that analyzes individuals emails in the context of a particular understanding of each individual employee for your entire digital business - not just email.
90% or more of cyber-threats originate via email with legacy defenses continuing to fall short. Whenever Antigena email and legacy defenses are deployed in the same environment, Antigena can consistently neutralize external threats and data loss that evade email defenses at the border.
Antigena's email accuracy is best-in-class at stopping malicious emails and also sophisticated threats that evade legacy defenses by design:
- Social Engineering Attacks: Since Antigena Email ‘knows your network’ in a way that other tools do not, it can spot subtle deviations in the metadata that reveal seemingly benign emails to be unmistakably malicious.
- Unknown Malware & Impersonation Attacks: If an email does include a malicious link or attachment but the domain is unknown, Antigena Email will still catch it when others do not because the system does not rely on blacklists or signatures.
- External Account Hijacks: Legacy email defenses assume trust, which means that account hijack attacks often go completely unnoticed. Since Darktrace analyzes and understands your organization's and users’ relationships with trusted external contacts, Antigena Email can pick up on subtle inconsistencies that point to a compromised account, and it can take autonomous action to protect against this
- Inbound and Outbound data Loss Protection: Antigena Email understands the full scope of your users’ ‘pattern of life’ in every corner of the business, it knows which files they should and should not have access to and where they should or should not send them. Antigena is not only neutralizing malicious inbound emails, but also alerting on malicious outbound emails.
Additional Benefits Antigena email provides:
- Learning from Patient Zero: With Darktrace learning and understanding your business infrastructure, SaaS, and email environment - Antigena can uniquely detect an infection in the network (Patient Zero), and automatically perform root cause analysis to see if it originated via email. If so, it will instantly protect the business by stopping all other emails that are part of the same campaign.
- Visibility, Forensics, Auditing: Organizations that trial Antigena Email and legacy email defenses side-by-side invariably report that Antigena has far superior functionality around email visibility, forensics, and auditing. Antigena also allows security teams to remove live emails from inboxes if needed, which is not possible with many other tools.
- Auto-Prioritization of Key Individuals: Antigena Email understands who your users are, which means it can automatically detect which users are high priority, which users are more likely to be targeted, and which users have access to sensitive material. It will therefore take an appropriate response to different users, rather than a single response across the board.
- Incognito Email Defense: Email gateways also require organizations to change their ‘MX record’, which means that any attacker can immediately see which tools are being used and can craft their attacks accordingly. Because Antigena Email does not sit in line, attackers have less intel on your security stack and will be less likely to target your organization.
For more information on Darktrace's email security click here