Check Point Email Security | Blog

The Millisecond Myth

Written by Jeremy Fuchs | April 20, 2022

We see it all the time: other API solutions claim that they remove a malicious message within milliseconds.

And that's true. Kind of.

After the other API-based solutions scan the email, it can take a moment to remove it from the inbox.

But what about the time it takes to scan the email? There's a few steps involved here. 

First, the two systems have to establish a connection. That can take a second, but it can take even longer when hundreds of connections need to be made. We've written about this before.

After the connection is made, the email in question needs to be downloaded. The connection needs to be terminated. Then it needs to be scanned. If the email is malicious, then another connection needs to be made in order to quarantine. Then it needs to be quarantined.

Once all that is done, which can take as long as five minutes in some environments, then it takes milliseconds to remove from the inbox. And all the while, as the Verizon Data Breach Report reminds us, it takes just one minute and 40 seconds for a user to click on a phishing link. The race condition is on. 

How do we know this? Because this was how our V1 worked before we created the ability to scan before the inbox. It's why we created our patented inline system.

Ask these other API-based providers about the millisecond myth. And then ask to have the entire process explained in detail. 

Remember--when others frame not doing a certain action, like scanning inline, as a benefit, it's likely because their security won't allow them to do it.