Executive Summary:

• The number of API Based email security solutions has grown considerably in the past few years
• To help filter through the dozen and a half vendors now in this space, first look if they are able to block inline like Avanan
• Beyond that, look at their experience.  Does their experience indicate they have proven success delivering a scalable solution in the enterprise like Avanan?
• Look at their actual capabilities and not their roadmap.  Can they deliver a full set of capabilities TODAY that secures the entire suite like Avanan?

By now you have likely heard these terms: API Based Email Security;  Next-Gen email security;  Cloud Native Email Security;  Self Learning/AI Email Security.  It’s hard to miss them because if you are researching email security solutions, there are a slew of vendors out there with these sort of taglines.  For the case of this blog, I’ll refer to all of us as “API Based email security”. 

The growth in this space is humbling to us at Avanan because when we started providing email security via API in 2016 we felt very much alone. At the time, customers were generally still looking for Secure Email Gateways or Legacy Email Gateways (LEGs) as we referred to them.  Between the last Email Security Gartner Magic Quadrant in 2015 and the Gartner Market Guide for Email Security in 2019, the number of API vendors grew from just us to over 10. By the next Gartner Market Guide in 2020, that number grew to 18. All the while, we added thousands of customers and gained tremendous experience.

To help cut through the noise from so many new vendors, let’s discuss the similarities and differences. 

The Similarities

First, in terms of the similarities, all of these new vendors leverage APIs to connect into O365 or Gmail without the customer updating the MX records.  Another similarity is that all make big claims around their AI/ML as part of their secret sauce.  Some of these vendors will claim to extend security to other applications like Teams, OneDrive, SharePoint, and Google Drive. For most of them, however, these are "roadmap" items.

The Differences

In understanding the differences, let's look at the key differentiator, which can be understood in a simple question: “Can you deploy inline?”  In other words, can the vendor prevent users from seeing, opening, or interacting with phishing emails before they are scanned and cleared?  It’s a simple yes/no answer but after you parse the vendors long-winded answer filled with wizardry and fables, the answer for all these other vendors is a resounding no.  

Being inline is key for a few reasons. First, malicious emails may sit in the  users’ inbox for a period of time before they are removed. For security professionals it means that the attacks listed in the UI might actually have succeeded. Instead of knowing it was taken care of, it adds to your list of concerns. This leads us to our next question. Ask the API based vendor, "Can you replace our existing email security solution or do you only supplement?" As it turns out, most of the enterprise customers of the other API vendors only supplement and still require a Legacy Email Gateway (LEG). It’s basically the difference between providing Email Security versus providing an Email Security Supplement.

Because Avanan supports both the inline mode and the post-delivery mode (We refer to it as “Detect and Prevent”), we give customers a choice. And in a survey across thousands of customers,  98.5% of our customers choose inline. They are voting with their feet. 

To mitigate the customer concerns, some marketing departments of other API vendors use terms like “milliseconds” or “scanning folder” or “pre-analysis”.  These are all clever ways of saying, “Yes the email is accessible to the end user”.  Here is an example of what it will look like if you are using a post-delivery solution.  Does this look like milliseconds?  Nope. Let’s not forget the period of time that email is accessible to the end user is dependent on the throttles in place by both Microsoft and Google as described here.

Why Experience Matters - Capabilities and Scalability

Being inline is critical, but being able to deliver an enterprise grade email security solution requires experience.  It takes time and thousands of customers to get it right.  And building a scalable solution takes time and experience.

That’s why we suggest you look at a vendor’s experience. Experience demonstrates a company has what it takes to scale to handle the demands of the enterprise as this isn’t built in a lab.  It happens by securing real companies. Experience is also important in continuing to develop and deliver capabilities aimed at solving the challenges with the enterprise. Again, these capabilities aren’t built in a lab.  They are built in the field working hand and hand with SOC analysts and others responsible for securing today’s enterprise. This is Avanan’s mantra—taking customer feedback and improving our solution to better secure their environment, while saving them time and making them more efficient. We partner with our customers to ensure we’re meeting their definitions of success while continuing to raise the standards of what to expect from an email security provider.  Unfortunately many of these vendors use the term “Roadmap” more often than not when asked how they compare with Avanan.  Our suggestion is to first understand what actual capabilities they have TODAY.  What can they enable right now?  Are these enterprise grade capabilities that you would deploy today to your end users for mission critical applications like email?  When we say a capability of ours is available, that means it is Enterprise Ready.  

With that, we wanted to provide below a full list of Avanan’s experience and capabilities in a timeline.  This is the gold standard by which other API vendors should be measured.

A Brief History in Time  - Avanan

2016 Accomplishments

• Started deploying our “version-1”
• Implemented malware scanning for email attachments
• Discovered the first widespread attack against O365
• Named a Gartner 2016 Cool Vendor  
• Extended security to OneDrive, SharePoint, and Google Drive
• Started the first API-based AI/ML model for phishing detection
• Filed for US Patent for inline via APIs - Awarded in 2019

2017 Accomplishments

• Implemented DLP scanning for email and other cloud applications
• Passed 100th customer
• Deployed our 1st Fortune 500 Customer
• Deployed our 1st 100,000+ seat deployment in a single tenant

2018 Accomplishments

• Implemented our first “inline” customer using APIs
• Launched Mail Explorer - Search and Destroy 
• Extended security to Box, Dropbox, and Citrix ShareFile
• Extended security to Slack
• Surpassed the 500th customer mark

2019 Accomplishments

• Gartner’s Customer Choice for Email Security
• Awarded US Patent for ”Inline API-Based Solution to Catch Advanced Phishing Attacks”
• Onboarded our first outbound email DLP customer  
• Surpassed the 1000th customer mark
• Implemented Click time protection that rewrites URLs 

2020 Accomplishments

• Deployed our email encryption to our first enterprise account with 30,000 users
• Launched the Avanan MSP/MSSP portal allowing managed service providers to easily provision Avanan for their partners
• Surpassed our 2000th customer mark
• Introduced Email Incident Response as a Service (IRaaS) to offload reviews of end user reported phishing attacks to our SOC. Deployed IRaaS to over 50 organizations, 5 of which are in U.S Fortune 500
• Added Security for Teams, with the ability to quarantine sensitive and malicious content, and deployed for 350 customers with a total of 500K end-users
• Selected in Deloitte Fast 500 as the fastest growing email security vendor

2021 Jan and Feb Accomplishments (Written in March, 2021)

• Gartner’s Customer Choice for Email Security, scoring 4.9/5 stars (Top score with the largest number of reviews)
• Top solution in G2 for Email Security (97% satisfaction)
• Post Delivery Recheck
• Archiving
• Passed 3,000 customers

Avanan Competitive Matrix