Check Point Email Security | Blog

The Future of Email Security

Written by Gil Friedrich | September 26, 2019

Avanan was recently granted a U.S. patent for one of its core technologies: the ability to apply inline security via API. That means Avanan blocks advanced threats (like phishing and malware) before they reach the inbox, using the intelligence from the security scans of Microsoft, G Suite, and even other email security vendors. Though technical in nature, we believe this patent is a big deal because it represents what we think email security is going to be in a few years.

The email platform itself is the driving force behind companies' need to change their security strategy. Specifically, two key changes have occurred in the past several years.

First, practically all enterprises have moved their email service to a SaaS-based provider — mostly Office 365 and Gmail. Second, though email is still the prominent line of communications for most organizations, other collaboration apps have gained significant popularity. Microsoft and Google don't provide just email, as you know; their suite includes file-sharing and chat. At the same time, other vendors such as Box and Slack are gaining millions of enterprise users.

But How Does SaaS-Email Impact Security?

As practically all enterprise users have moved to the same collaboration platforms, the bad guys are paying attention. And so being able to bypass the default security of those services became a major focus for hackers. Most customers report that after moving to SaaS-based email, they notice more successful attacks against their organization.

On the flip-side, modern SaaS-based applications have opened their own marketplaces; now, third-party vendors can extend the default security capabilities of the SaaS service beyond what they include using open APIs. This led to a proliferation of apps, mostly focused on SaaS-to-SaaS integrations, and improved productivity tools that extend what the service does as a stand-alone.

Security "as an app" was initially less popular — not because the advantages of the API model were not understood by security vendors, but because the APIs were generally not providing an inline mode: an option to scan content prior to being delivered to the end-user. This is critical for any security solution.

Otherwise, the attack reaches the end-user. Even a gap of several seconds leaves the end-user exposed and very likely to fall victim to the attack. This is especially true in email where the end-users are constantly in front of their inbox, either on their cell phone or email client.

How The Avanan Patent Fits into This

All this brought about our core technology: to apply inline security via API. In late 2015, we completed the development of the technology and filed for a patent. As always with patents, it takes time but was finally granted to us in August of 2019.

By then, we'd already demonstrated the technology's value and scale with over a thousand customers that range from a handful to 250,000 employees. We've also seen some other vendors join this race, as Gartner has begun covering this new area as CESS (Cloud Email Security Supplement), on the heels of several major security vendors OEMing our technology after acknowledging the edge it provides.

Why Should You Care?

Now that customers can have full security via API, they can enjoy some key benefits compared to the legacy proxy-based security model:

1. It literally installs in a second after a one time approval of the Avanan app in the relevant marketplace. Immediately, the entire organization is protected. And it's not all or nothing, either. You can protect part of the organization, you can start in monitor only mode or post delivery remediation mode. You can deploy gradually if you want to. All these flexibilities come naturally with an API-based solution.

2. We scan after the default security of Office 365 and Gmail, instead of replacing it as the legacy vendors require. This layered approach means we always add security. Anything the default layer would block still gets blocked.

3. We see many things that the legacy email provider won't see, like login events, where the user that sends the email is connected from, what the default security flagged in the email, the list of users and their titles in the organization, the historical email communication, all leading to a superior and more accurate security technology.

4. We secure every line of communication, not just email. We scan files in OneDrive and GoogleDrive and Sharepoint and Microsoft Teams. We extend beyond the main suite to Slack and Box and other platforms. We secure the entire collaboration suite, not just email.

This is what the API-based security means: easier, more complete, and more secure protection. This is what our customers have emphasized in their reviews of our solution and this is why we're so excited with the patent that was granted to us.