Check Point Email Security | Blog

Other API Vendors Are a Fake Substitute for Email Security

Written by Jeremy Fuchs | February 23, 2022

There are two types of API-based email security solutions. One provides real security. The other is a knockoff. Let's explain: 

One--the Avanan solution--prevents malicious emails from reaching the inbox. It does this through its position in the mail flow. Avanan's API protection sits after default security but before the inbox. That means it scans all emails before the inbox. When an inbox gets delivered to your inbox, you can have confidence that it's safe. This is Avanan's patent. 

The second solution--which accounts for all other API-based solutions, regardless of what they say--remediates after the email reaches the inbox. That means that there are inbox incursions happening all the time. What's an inbox incursion? It's when a malicious email reaches the inbox and stays there before it can be removed. This happens all the time because, due to their architecture, these other API-based solutions cannot block before the inbox. All malicious emails, therefore, reach the inbox. The malicious ones stay there for, on average, three minutes and three seconds. That's more than enough time for a user to click on a phishing link. Allowing malicious emails into the inbox is not providing real security. Allowing malicious emails into the inbox for as long as three minutes and three seconds is not real security.  

At Avanan, we've been encouraged to see many API-based competitors pop up. It validates our approach and our belief that securing email via API is the most effective way to secure email. However, these solutions are suffering a bit from imposter syndrome. Just because you connect to the environment the same way doesn't mean the security is the same. If your solution is not preventing inbox incursions, it's not real security. When a malicious email enters your environment, it's already too late. 

Consider the following analogy of the automated brake systems that many cars have. These are brakes that stop the car automatically when it senses an object coming. If the brake stops the car before it hits the object, it's protecting the driver. If it stops the car after, even if it's a second late, it's not protecting you or your car. Full protection only happens when the car stops before hitting anything. 

It's the same with the inbox. If you don't protect malicious emails from reaching the inbox, then you are not providing email security. You're just reacting. 

Don't settle for constant inbox incursions. Don't settle for the knockoff.

When it comes to your security, the only thing you can trust is the real thing.