Darktrace for Microsoft Exchange

Darktrace for Email is the world’s first Self-Learning AI email security solution. By learning the normal ‘pattern of life’ for every user within Microsoft 365, the technology builds an evolving understanding of the human behind email communications.

While legacy email security tools look for known email attack vectors, Darktrace for Email is able to identify novel email threats that get through, including sophisticated phishing, business email compromise (BEC) and data leakage.

Self-learning

Single, unified AI platform that provides complete coverage

Understands the human

Every user analyzed for behavioral modeling

Proportionate response

Catches costly attacks missed by legacy security tools

Installs in 5 minutes

Virtual or hardware deployment available

Darktrace for Email: Secure your inbox with AI

Darktrace for Email doesn’t rely on rules and signatures, instead using supervised and unsupervised machine learning to learn ‘normal’ for every email, user and device, and recognize subtle anomalies that are indicative of a threat.

Advanced spear phishing

Supply chain attack

Spoofing and solicitation

Employee account takeover

Spear phishing attacks typically aim to deceive employees into clicking malicious links or attachments in an email, aiming to harvest credentials or deploy malware into an organization.Unknown correspondentNobody in the organization has had previous contact with the sender.Unusual recipient groupThe email chain was sent to a group of contacts within the organization not usually associated with one another.Suspicious attachmentIndicates behavior consistent with an attempt to deliver a payload via an attachment.By hijacking the account of a trusted contact in your supply chain, threat actors can easily gain the trust of a user and coax them into clicking a malicious link, or even wiring money out of the business.False replyDarktrace for Email can distinguish genuine replies from fake ones, whereby a manufactured email thread is pasted below the offending email.Suspicious URLNeither the recipient nor anyone in their peer group has visited the suspect domain before, raising a high-confidence alert.Suspicious locations of linkThe same suspicious URL appears in multiple locations within the email, including behind this misleading hyperlink.Spoofing attacks usually involve an attempt at impersonation, where disguised attackers prompt the recipient to reply, with a goal to either solicit a fraudulent payment or gather intel on an organization.Unusual correspondentNeither the recipient nor anyone in the organization has had any previous interaction with this sender.SolicitationA time constraint invokes a sense of urgency, a sign of possible solicitation attempt.Suspicious linkNeither the recipient nor anyone in their peer group has visited the suspect domain before, raising a high-confidence alert.Employee’s email accounts can be compromised either through fake login pages that record keystrokes, or data leakages containing credentials. Once inside, attackers may pillage an inbox for valuable information, or launch a string of malicious emails from the compromised account.Unusual email processing rulesThis email was sent just minutes after unusual inbox processing rules were created on the account.Unusual login locationDarktrace’s SaaS Module has picked up on the unusual login location and flagged it to Darktrace for Email.Unusual outbound attachmentIndicates behavior consistent with an attempt to deliver a payload via an attachment.

Installed in minutes.

Uses Microsoft’s API.

No MX changes required.

Getting started with Darktrace for Microsoft Exchange is easy and fast. Microsoft’s data and metadata is immediately processed on configuration, allowing Darktrace for Email to gain an immediate knowledge of users, email addresses, correspondents, and routine operations.

Featured Blog

The Domain Game: How email attackers are buying their way into inboxes

This blog post explores how mass domain purchasing allows cyber-criminals to stay ahead of legacy email tools — and how Self-Learning AI stops the threats that slip through.

Email Security Threat Report

With increasingly targeted spoofing and well-researched impersonation attempts, email and phishing attacks are the most concerning cyber security threat vector in 2021. Traditional email gateways – which measure inbound emails against pre-defined rules and signatures – are blind to the novel and sophisticated attacks that often cause the most damage.

Read this threat report to discover 13 email threats — from supply chain attack to account takeover — that evaded legacy security tools but were neutralized in real time by Darktrace's AI.

Thank you for downloading the Threat Report.

Opt in to company updates and event invitations

Please enable JavaScript in your browser in order to complete this form,
or email us directly for more details.

Darktrace for Microsoft Exchange

Darktrace for Email: Secure your inbox with AI

Featured Blog

Email Security Threat Report

Technology

Products

Resources

Company

Darktrace for Microsoft Exchange

Darktrace for Email: Secure your inbox with AI

Featured Blog

Email Security Threat Report

Related Resources

Technology

Products

Resources

Company