Technology
Products
Resources
Company
English
Technology
Products
Blog
Resources
Company

Email gateways: A legacy approach

Traditional email security tools look for known indicators of ‘bad’ through blacklisted IP addresses, domains, and other indicators around the email — this is the approach relied upon by gateways such as Mimecast and Proofpoint.

This relies on seeing an indicator of threat in historical attacks, and fails to respond to newly-created attack infrastructure, requiring a ‘Patient Zero’ before blacklisting. Attackers know this method and are updating their attacks more frequently.

Darktrace for Email: A self-learning approach

Darktrace for Email doesn’t rely on rules and signatures, instead using a combination of supervised and unsupervised machine learning to learn ‘normal’ for every email, user and device. This enables it to recognize deviations from their learned ‘pattern of life’ that are indicative of a threat.

This enables Darktrace to stop advanced threats on the first encounter, before any damage is done. The AI enacts a surgical and proportionate response, stopping the malicious activity whilst allowing normal business activity to go ahead.

Watch the video:
How Darktrace neutralizes malicious emails