Avanan, a pioneer in cloud security, announced the first inline email security solution based fully on Application Programming Interfaces (APIs). The platform solves for the challenges associated with the rapid adoption of cloud-based collaboration suites, such as Office 365, and the need for simple cloud-to-cloud deployment. To date, these have been only partially addressed by Secure Email Gateways (SEGs), that secure only the email portion of the suite, and Cloud Access Security Brokers (CASBs), which do not focus on email security.
As the firm noted in its Global Phish Report, one in 99 corporate emails are phishing, and 25% of these get past conventional security layers. This led to the internal development of Smart Phish™, an artificially intelligent software trained specifically on cloud email environments, uniquely capable of augmenting existing security layers while remaining invisible to hackers.
In the Avanan platform, cloud-native APIs enable fully in-line protection, meaning that every inbound, outbound, and internal email and file never reaches users or leaves the organization until it’s cleared by the Avanan security stack. This patented approach is the first of its kind, enabling Avanan to protect entire collaboration suites across email, file sharing, and messaging. This architecture also allows Avanan to install in minutes, even for the largest organizations.
Avanan has been recognized for introducing an open platform that makes industry-standard security technology from numerous vendors available in the cloud with consolidated licensing, able to deploy at enterprise scale. A majority of the nearly 1,000 clients gained since the firm’s 2014 inception rely on Avanan to block phishing, malware, data-leakage, and account takeover.
In its June 2019 “Market Guide for Email Security,” Gartner included Avanan as a Representative Vendor in the cloud security market Gartner refers to as “Cloud Email Security Supplements.” According to the report, “Cloud email security supplements (CESSs) focus on specific threats, often in the realm of hard-to-detect phishing, and can leverage full access to cloud-hosted inboxes via APIs for detection and remediation. Most of these products focus on phishing, but some go well beyond to include sandboxing and URL rewriting/time-of-click analysis, thereby directly competing with SEGs.”
“Clients have consistently told us that email-based attacks are the number one gap in Office 365,” said Gil Friedrich, chief executive and founder at Avanan. “The Avanan platform catches what their default and advanced security misses, before it gets to the inbox, and beyond email across the entire suite,” he added.
Friedrich further explained that by scanning after all other existing security layers, Avanan continuously learns of new hacking methods and uses those as new Indicators of Attack to train its machine learning algorithms to identify what other security layers miss. The prevention capabilities of the platform inspect every configuration change, permissions update, file share, and internal message to identify malicious behavior and compromised accounts within a single threat intelligence interface.
“Default security isn’t enough; advanced threat protection doesn’t cut it; legacy solutions don’t make sense,” said Michael Landewe, head of global strategy at Avanan. “Training our AI specifically on the attacks that have evaded existing security before they make it to the inbox gives Avanan clients unprecedented protection across their collaboration suite,” he concluded.
The announcement came at the Gartner Security and Risk Management Summit 2019, where Landewe spoke about key trends across cloud security Monday evening. His comments included a discussion of areas where Avanan is leading innovation, such as pre-inbox filtering, post-delivery protection (“search and destroy” forensics), AI for cloud security, and multi-vendor, multi-layered security.