Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

2/25/2020
10:30 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Mimecast's Email Security 3.0 Strategy Advances the Way Organizations Combat Email-Based Cyberattacks

SAN FRANCISCO, Feb. 25, 2020 (GLOBE NEWSWIRE) -- RSA Conference -- Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced it has added new capabilities to its cloud-based platform comprised of integrated service components that organizations’ need to combat the latest cybersecurity challenges. These capabilities further enable customers to embrace a new approach to defending email. Mimecast’s Email Security 3.0 strategy helps organizations address threats at three distinct zones: the email perimeter, inside the organization or network and beyond the perimeter. Mimecast has incorporated new major platform innovations helping to increase efficacy with technology integrations and product capabilities, including web browser isolation, security awareness training integrations and brand exploitation protection solutions.

“The email threat landscape has changed and requires organizations to evolve from a perimeter-based discipline to a more pervasive one. For instance, tactics, like impersonation attempts, are becoming increasingly more difficult to identify as they’re happening both in email and ‘in the wild’, but organizations still need to cover off on their basic protection needs at the same time. This requires organizations to consider a new strategy when it comes to defending email,” said Peter Bauer, chief executive officer. “As our customers’ needs evolve, Mimecast is committed to continuing to develop new innovations into our platform to help them build a stronger cybersecurity and resilience posture.”

New enhancements to Mimecast’s cloud-based platform include:

Zone 1 – At the Email Perimeter: Now Includes Browser Isolation and Custom Security Block for Added Protection

Mimecast® Browser Isolation for Email is designed to provide organizations an additional layer of protection from new phishing sites, appearing as recently as the last few hours. Mimecast Browser Isolation is engineered to mitigate the risk of emails containing links to spoofed sites by preventing a direct connection between the user’s browser on his or her device and the target web page. Users are now further protected from any potentially malicious action like the challenge of credential harvesting or malicious downloads as the browsing session is executed and contained within the Mimecast cloud rather than on the user’s device.

Browser Isolation policies can be enforced for all employees or customized to target higher risk employees as desired. The service also is built to provide a safe environment for security analysts and messaging administrators to investigate incidents, helping reduce time to respond, contain and remediate threats.

The new Custom Security Block capability is designed to enable customers to ingest security data from other sources into Mimecast’s platform to enhance efficacy further for their organization. Often security-mature organizations face the challenge where they have large amounts of security data from point solutions across their cyber ecosystems and third-party feeds. Unfortunately, much of that data is not actionable if not properly utilized to improve detection in other parts of their environment. Mimecast’s cloud-native, multi-tenant platform with API connectors to a host of third-party cybersecurity vendor solutions addresses this problem by helping organizations maximize the return on their current investments in threat intelligence sources by utilizing them in Mimecast.

Zone 2 – Inside the Perimeter: Security Awareness Training is Integrated into the Mimecast Platform to Reduce Costs and Complexity

Recent research reveals that 98 percent of organizations deploy security awareness training to their employees, yet 71 percent of organizations have been hit by an attack where malicious activity was spread from one user to another.* To help organizations more effectively manage security awareness training, Mimecast® Awareness Training is now fully integrated into Mimecast’s cloud-based platform. This integration is designed to enable customers to more easily administer awareness training into their Mimecast and broader security ecosystem.

Customers can now reduce the cost and complexity by having all their Mimecast solutions fully-integrated, making it easy for organizations to deploy, manage and maintain their security awareness training investments from a single administration console.

Zone 3 – Beyond the Email Perimeter: Brand and Domain Protection with Machine Learning Advances Phishing Protection from Known and Unknown Attacks

Cybercriminals consistently exploit human weaknesses by impersonating an organization to dupe their customers, supply chain and even their own employees. Spoofed websites and domains, where an attacker forges a website or email to make it look as though their communication has come from a trusted source, is a common tactic used in phishing campaigns and business email compromise, the use of which grew by 54% and 67% respectively.*

Mimecast® Brand Exploit Protect is engineered to deliver an innovative solution covering more than 99 percent of phishing use cases across the web. Using machine learning, it is designed to run targeted scans that identify even unknown attack patterns, blocking compromised assets before they become live attacks at the earliest preparation stages.

Additionally, Mimecast now enables customers to stop spoofing attacks faster with a self-service email channel analysis and DMARC reporting. To further strengthen brand efficacy, Mimecast DMARC Analyzer is built to extend protection from impersonation attacks by helping to detect and block attackers using domains an organization owns that are being used to spoof customers and other external parties, as well as employees.

See Peter Bauer present ‘The Cyber Resilience Imperative & The Role of Pervasive Email Security 3.0’ at RSA Conference 2020 in San Francisco on Wednesday, February 26, 2020 at 9:20 am PT at Moscone South 207.

Learn more about Mimecast’s Cyber Resilience Platform and how you can help plan for the future of email security at Mimecast’s booth 5771 in Moscone North.

*Research from 2019 State of Email Security report

About Mimecast:
Mimecast is a cybersecurity and compliance provider that helps thousands of organizations worldwide make email safer, restore trust and strengthen cyber resilience. Mimecast’s expanded cloud suite enables organizations to implement a comprehensive cyber resilience strategy. From email and web security, archive and data protection, to awareness training, uptime assurance and more, Mimecast helps organizations stand strong in the face of cyberattacks, compliance risk, human error and technical failure. www.mimecast.com

Mimecast is either a registered trademark or trademark of Mimecast Services Limited in the United States and/or other countries. All other trademarks are the property of their respective owners.

Mimecast Social Media Resources
LinkedIn: Mimecast
Facebook: Mimecast
Twitter: @Mimecast
Blog: Cyber Resilience Insights

Press Contact
Alison Raymond Walsh
[email protected]
617-393-7126

Investor Contact
Robert Sanders
[email protected]
617-393-7074

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Healthcare Industry Sees Respite From Attacks in First Half of 2020
Robert Lemos, Contributing Writer,  8/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: It's a technique known as breaking out of the sandbox kids.
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20383
PUBLISHED: 2020-08-13
ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.
CVE-2020-24348
PUBLISHED: 2020-08-13
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
CVE-2020-24349
PUBLISHED: 2020-08-13
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
CVE-2020-7360
PUBLISHED: 2020-08-13
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was r...
CVE-2020-24342
PUBLISHED: 2020-08-13
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.