We have exciting news to share! Gartner has named Armorblox a Cool Vendor in Cloud Office Security for 2020! We understand that our inbound and outbound email protection platform was recognized as a front-runner in providing innovative approaches to cloud office security and email. In this blog, we’ll look at the security challenges laid out in Gartner’s report, our thoughts on what makes Armorblox different, and the future of cloud office security.
According to Gartner, “Roughly half of all cybercrime losses were due to either business email compromise (BEC) or email account compromise (EAC). With the rise of business email compromise, buyers often look for a single product that can provide protection against all advanced cloud office threats.”
We agree wholeheartedly with this assessment. While mass phishing emails still exist, security technologies have over-rotated on phishing protection and left the door open for a bevy of other security attacks - both within and beyond email. Targeted email attacks like business email compromise turn the tables on existing security controls by focusing on the human layer of enterprises and extracting money from victims by simply asking for money in a persuasive manner.
This drip-drip of BEC attacks has created a billion dollar ocean. The 2019 IC3 Report from the Federal Bureau of Investigation found that over $26 billion has been lost in BEC attacks over the past three years.
Why Armorblox is a ‘Cool Vendor’
Here are what we believe to be the highlights of our unique approach to protecting enterprise communications:
1. Broad spectrum of detection signals
Just like no single element in an email is deterministic enough to mark it a ‘good’ or ‘bad’ email, no one detection technique is the panacea for email security woes. Armorblox leverages natural language understanding, deep learning, traditional machine learning, and detection techniques to analyze thousands of signals across identity, behavior, and language. If legacy email protection controls are padlocks, think of Armorblox as a fingerprint scanner.
2. Granular attack categories
While all the buzz around BEC is definitely warranted, it can lead to an oversimplification of the many attack categories that constitute BEC. Armorblox has predefined and automatically updated detection categories that bucket emails into specific attack types such as payroll fraud, payment fraud, impersonation, and credential phishing.
3. Automated (but flexible) remediation
Remediating email attacks is tricky, with security teams needing to walk the tightrope between safety and productivity. Security teams shouldn’t have to manually remediate the vast majority of their email alerts, but they should still have the option of defining custom remediation actions when required. Armorblox provides user-defined remediation options for every attack category, enabling security teams to respond to email alerts with minimal manual effort while upholding organizational productivity. These actions, once set for an attack category, are automatically applied to every email that gets classified under that attack category.
4. Continuous global and local learning
We can already see you rolling your eyes at ‘machine learning’, but hear us out. To protect against targeted email attacks, relying solely on global machine learning models that are trained on cross-organizational data isn’t enough. Armorblox has three distinct machine learning models: a global one (across organizations), an organization-specific model, and a user-specific model. This approach combines the gains from looking at attacks across organizations with the contextual relevance of studying attacks specific to a particular organization.
Final Thoughts: The Journey Beyond Email
We believe that the ability to create a single system that can combine a universal understanding of all content and a proper catalog of contextualized interactions with the data can serve a variety of purposes far beyond just detecting cases of intellectual property misuse over email or business email compromise scenarios.
“We’re delighted to be named a Gartner Cool Vendor,” said DJ Sampath, Co-founder and CEO of Armorblox. “We see inbound and outbound email protection as the first application of our language-powered detection engine. While email is the true system of record for enterprises, we realize that humans don’t communicate linearly in a world that’s dominated by remote work and digital workflows. We’re working to expand our platform applications to messaging and cloud sharing services with the goal of keeping businesses secure wherever they choose to communicate and share data.”