Advanced Threat Detection

Legacy email security products rely on outdated, inaccurate, and inadequate threat detection models that put your organization at risk. Antiquated good/bad techniques struggle to identify the impersonation emails in your CFO’s mailbox or to determine when a compromised account sends URLs to credential theft sites or attachments with embedded malware to all of your customers. Such technology deficiencies have been covered up by blaming users for perceived careless behavior when in fact, employees are critical to protecting against business email compromise, impersonation, brand lookalikes, and advanced business service spoofing attacks.

Solution Details

Threat Intelligence Isn’t Enough

Our dynamic threat detection recognizes all types of email-borne threats—widespread malware, emergent attack patterns, and highly targeted phishing attempts—by employing a variety of threat detection techniques that can’t be replicated by legacy email security solutions.

Detect Every Type of Threat.

Our proactive approach to threat detection understands your communication patterns so we can identify the anomalies that signal threat—a giant leap forward from the reactive approach employed by other tools.

Adaptive Threat Analytics

Instead of relying solely on known malicious content, GreatHorn’s Adaptive Threat Analytics quickly and automatically learns the legitimate communication patterns specific to your organization, making it easy to spot the anomalous emails, attachments, and links that typify suspicious content.

GreatHorn’s proprietary risk and reputation analysis expands threat detection beyond known malicious threats to include highly suspicious emails based on multiple vectors, keeping your organization and employees safer than ever before.

Relationship Strength:

Strength of a sender’s individual relationship to the recipient, as well as a “friends of friends” system that accounts for the sender’s overall relationship with others in the recipient’s organization

Spoofing Likelihood:

Analysis for employee display name spoofs, domain spoofs, and domain look-alikes, including comparison against known email addresses, executive impersonation tactics, and email authentication standards

Technical Fingerprint:

Sophisticated analysis of domain reputation, sending IP, and header information, including determining variations in expected authentication results for DMARC, DKIM, and SPF

Content Analysis:

Deep content inspection based on keywords, regular expressions (RegEx), attachments, and URLs, to identify common spear phishing tactics—wire transfer and W2 requests, credential theft attacks, business service impersonations—all without storing the content or the mail

Communication Patterns:

Establishes an understanding of communication patterns unique to a specific individual and a specific organization, such as email frequency, volume, recipients, sending patterns and more