EmailSpoofTest.com EmailSpoofTest.com
2020 Email Security Report

(in progress)
updated: 11/24/2020
HELP
    new service offerings

 


Study performed with public and non-publicly available data.
Independently confirmed results.
All vendors are invited to take part in this survey.
Submit additions & corrections with proof to report@emailspooftest.com

FSA = Full Support Advanced | FS = Full Support | PR = Partial Support +Roadmap | P = Partial Support | R = Roadmap | U = Unsupported

  Basic Email Security
(this is what we test here on emailspooftest.com)
Standard Protection Advanced Features Innovation Solution
Requirements & Definitions Connection security enforcement, Inbound; DMARC, SPF, DKIM, Cloud Fraud Analysis Inbound anti-Fraud; reverse lookup, fake domain, lookalikes, domain authentication Anti-malware Auth integration MFA, MVA Link rewrite Secure Email delivery (encryption) DLP User Awareness Training/ Phish simulation ATO Detection & Lockdown User Behavior AI/ ML NLP blockchain Architecture Differentiators Price
G Suite Google Workspace FS PS FS FS FS FS FS         Cloud API SaaS,
Hosted Gateway IaaS
  Cloud: $18/user/ month
Microsoft 365 ATP, EOP FS PS FS FS FS FS FS FS       Cloud API SaaS,
Hosted Gateway IaaS,
Hybrid,
On-prem
  Cloud: $20/user/month
Cisco Cloud Inbox FS FS FS FS FS   FS FS FS     Cloud API SaaS,
Hosted Gateway IaaS,
Hybrid,
On-prem
   
Agari PS PS   FS       KnowBe4 FS FS FS Cloud API SaaS,
Hosted Gateway IaaS
   
Proofpoint Essentials PS PS FS FS FS FS FS FS FS FS   Cloud API SaaS,
Hosted Gateway IaaS
   
Valimail PS PS                   Cloud API SaaS    
Cofense PS PS           FS       Cloud API SaaS, Managed    
Forcepoint Email Security PS PS FS FS FS FS FS     PS
(On-prem only)
PS (On-prem only) Hosted gateway IaaS, Hybrid, On-prem    
Mimecast FS FS FS FS FS FS FS FS FS   FS Cloud SaaS,
Hosted Gateway IaaS
   
Trend Micro FS FS FS FS FS FS FS FS FS FS FS Cloud SaaS,
Hosted Gateway IaaS,
hybrid,
On-prem
   
Ironscales PS PS FS   FS     FS       Cloud API SaaS    
Sophos FS FS FS   FS     FS   FS FS Cloud API SaaS    
Vade Secure PS PS FS   FS         FS FS Cloud API SaaS Excellent technology for defending email-link drive-by attacks for mobile  
Clearswift FS FS Sophos or Kaspersky   FS FS FS     FS FS Cloud API SaaS,
Hosted Gateway IaaS
**Data redaction, Secure email delivery, OCR  
Fortinet FS FS FS FS FS FS FS FS FS Cloud Saas,
Hosted Gateway IaaS
SolarWinds PS PS FS FS           FS FS Hosted Gateway IaaS Heavy focus on MSP delivery, Email archive & storage  
Comodo FS FS FS FS FS FS FS       FS Hosted Gateway IaaS MSP, SEG aaS, Archive & backup  
SendGrid PS
Valimail/ Fraudmarc
PS
Valimail/ Fraudmarc
PS FS     FS     FS FS API Twilio and Valimail partnership gives anti-fraud to basic security  
Broadcom/ Symantec email security.cloud FS FS FS FS FS FS FS FS FS FS FS Cloud API SaaS, Hosted Gateway IaaS, On-prem gateway    
Barracuda FS FS FS FS FS FS FS FS FS FS FS Cloud API SaaS, Hosted Gateway IaaS,
On-prem gateway
   
Avanan PS PS FS   FS   FS   FS FS FS Cloud API SaaS Cloud email Security Supplement (CESS)  
Hornet
Security
PS PS FS   FS         FS FS   freeze emails and compare
Bought Spamina
$5/user/month
Sonic Wall FS   FS FS FS FS FS   FS FS   Cloud API SaaS,
Hosted Gateway IaaS,
On-prem
   
Area 1 security     FS     FS   FS     FS Cloud SaaS API +Email, web, social, commputervision  
Fireeye Email Security Cloud FS PS FS FS FS   FS         Cloud SaaS API, Hosted Gateway IaaS    
GreatHorn     FS   FS FS FS PS FS   FS Cloud SaaS API MSP availability  
Vircom FS   FS   FS FS FS       FS Cloud API SaaS,
 On-Prem
   
Perception Point PS PS FS   FS       FS     Cloud API SaaS    
Cyren FS FS FS   FS         FS   Cloud SaaS API, Hosted Gateway IaaS    
Totemo     FS     FS       FS FS On-prem or Cloud or Hybrid    
Retarus FS PS FS     FS       FS   Cloud based (MX)    
CensorNet FS PS FS     FS PS     FS   Cloud based (MX)    
Graphus Inc PS PS FS             FS FS Cloud API SaaS    
Inky Technologies PS PS FS         FS     FS Cloud API SaaS    
Cellopoint FS FS FS     FS       FS   Hosted Gateway IaaS,
On-prem
   
Spam Titan   PS FS                 On-prem or cloud gateway    
Redsift Oninbox FS PS               FS ML Cloud API SaaS    
Abnormal Security                   FS NLP Cloud API SaaS    
ArmorBlox       FS     FS   FS FS FS Cloud API SaaS With deep learning AI they make a good DLP contender but are lacking in basic email security  

  Feature requirements & definitions  
  Connection security enforcement, Inbound; DMARC, SPF, DKIM, Fraud Analysis

Full Support: Connection security enforcement for DMARC, SPF, DKIM performed at the time-of-delivery by an email gateway. These gateways can be virtual (SaaS), hosted (IaaS), and on-prem. If a non-gateway solution enforces DMARC, SPF, and DKIM post delivery, it may also be considered "full support".

Full Support Advanced: Provides the features of full support +AI/ML to enhance DMARC, SPF, and DKIM protections reputationally or behaviorally.

Partial Support: DMARC, SPF, DKIM, fraud analysis validation is performed post-delivery rather than connection-level enforcement..

Answers the question: Does the vendor provide email gateway level security?

Concerns: Email connection security is very important for stopping spoofing and fraud. Many vendors claim to provide enforcement level of email fraud protectiony but actually leverage a scoring system which should be looked at closely. Each vendor will have high claims but widely ranging efficacy.


 
  Inbound anti-Fraud; reverse lookup, fake domain, lookalikes, domain authentication

Full Support: Connection security enforcement for DMARC, SPF, DKIM performed at the time-of-delivery by an email gateway. These gateways can be virtual (SaaS), hosted (IaaS), and on-prem. If a non-gateway solution enforces DMARC, SPF, and DKIM post delivery, it may also be considered "full support".

Full Support Advanced: Provides the features of full support +AI/ML to enhance reverse lookup, fake domain, lookalikes, domain authentication protections reputationally or behaviorally.

Partial Support:  Reverse lookup, fake domain, lookalikes, domain authentication, fraud analysis validation is applied post-delivery to a scoring system rather than enforcement at time of delivery connection-level enforcement..

Answers the question: Does the vendor provide email gateway level security?

Concerns: Email connection security is very important for stopping spoofing and fraud. Many vendors claim to provide enforcement level of email fraud protectiony but actually leverage a scoring system which should be looked at closely. Each vendor will have high claims but widely ranging efficacy.


 
  Anti-malware

Full Support: This product claims it can stop inbound virus and malware email threats in the body or attachment.



 
  Auth integration MFA, MVA

Full Support: This product enforces MFA, MVA to validate/ revalidate a user's identity based on behavioral criteria like login location and time of day and access/download of certain data types.



 
  Link rewrite

Full Support: Intercepts and re-writes any links in email and performs time of click analysis of the link destination.

Partial Support: Intercepts and rewrites some (not all) email links OR scans email links when the email is received but not when clicked.



 
  Secure Email delivery (encryption)

Full Support: Provides secure email delivery; by storing the email in cloud infrastructure for secure email retrieval leveraging PKI. The ability to see if the email was accessed as well as the ability to revoke email access is required for full support.



 
  DLP

Full Support: API based mailbox scanning providing real time DLP (Data Loss Prevention) controls as well as historical DLP reports that will help prevent data build-up (helps with ATO risk management)

Full Support Advanced: +OCR, +AI/ML for policies and detection

Partial Support: leverages regex to scan email as accessed



 
  User Awareness Training/ Phish simulation

Full Support: ability to run phish simulations, ability to provide pre-packaged end user email security training

Partial Support: No phish simulation but provides an end user notifications by re-writing links in spam, when the user clicks a link they are redirected to training



 
  ATO Detection & Lockdown

Full Support: Detects and prevents ATO (Account Take Over) by limiting mass downloads or by leveraging user behavior for ATO detection.

Full Support Advanced: Has native AI/ML, MFA, and advanced DLP capabilities working together to prevent ATO

Partial support: can detect but not prevent ATO, only notifies



 
  User Behavior

Full support: Vendor leverages user behavioral analysis and is able to detect anomalies in its email security feature-set


 
  AI/ ML NLP blockchain

Full support: Vendor leverages AI/ ML, NLP, and or blockchain analysis and is able to detect anomalies in its email security feature-set


 
  Architecture

Cloud API SaaS: Email security as a service that bolts onto your existing email solution via API integration. this architecture usually carries advanced capabilities that leverage cloud based AI/ML, and behavioral analysis

Hosted Gateway IaaS: Email security gateway hosted as a service in the cloud

On-Prem Gateway: Email security gateway installed on-premise in your org.

Hybrid: a mix of cloud and on-prem architectures that work together

Managed: The vendor provides complete management, has SLA's


 
     

 This is an ad from google
         To submit changes or add a product review
use the form below or send us an email: report@emailspooftest.com

 

 

Have email security questions? Want expert advice? Just want to say hello or give suggestions?

Please use the form to instantly message our team.
Name:  
Email:  
Phone:  
Message:

 This is an ad from google
 




IGNITE
EmailSpoofTest.com is owned and operated by IGNITE Cyber 2020