SlideShare a Scribd company logo

In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security

Principled Technologies
Principled Technologies

When paired with Microsoft 365, VMRay provided added protection against novel attacks, sophisticated malware, and phishing attempts

Technology
1 of 4
Download to read offline
In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security When paired with Microsoft 365, VMRay provided added protection against novel attacks, sophisticated malware, and phishing attempts People are often the weakest links in an organization’s security chain. Despite the powerful advancements in server, processor, and personal computer security that make it difficult for hackers to simply take data by brute force, just one high-value employee accidentally clicking on a malicious email URL is all it takes to render many of these defenses useless. As email attacks aimed at employees grow ever more prevalent and sophisticated, security teams are looking for tools to help keep their sensitive data secure. Though Microsoft 365 offers its own email security features, sometimes threats can still slip through. VMRay Email Threat Defender (ETD) is a supplemental tool for Microsoft 365 that can help enhance organizational security by adding an extra layer of security and reducing the opportunities for employees to be deceived. At Principled Technologies, we tested VMRay Email Threat Defender with two Microsoft 365 offerings that had the following configurations: • Standard-preset Microsoft Exchange Online Protection (EOP) policies consistent with a Microsoft 365 E3 deployment • Standard-preset Microsoft Defender for Office 365 and Standard-preset EOP policies consistent with a Microsoft 365 E5 deployment In our tests, we found that supplementing the standard Microsoft 365 Defender and EOP policies with VMRay ETD increased protection against various types of threat, including malicious file types within email attachments, types of password-protected archives containing malware, malicious URLs in documents, and more. On a Microsoft 365 Enterprise E3 account: 13 additional types of malicious emails detected On a Microsoft 365 Enterprise E5 account: 5 additional types of malicious emails detected In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 A Principled Technologies report: Hands-on testing. Real-world results.
Our results Tables 1 and 2 give a breakdown of the type and quantity of threats that VMRay Email Threat Defender identified where Microsoft policies alone did not. Though Microsoft policies caught several types of malicious emails in each account, VMRay Email Threat Defender extended this protection to cover additional types of threats. Microsoft 365 E3 with EOP offers basic protection, and Microsoft 365 E5 with EOP and Microsoft Defender offers the best recommended standard protections for a typical user without introducing a large number of false positives. Our testing shows that VMRay Email Threat Defender can supplement these robust sets of security policies for additional peace of mind. Table 2: Types of attack that VMRay Email Threat Defender identified for the E5 account that Microsoft EOP and Defender alone did not. Source: Principled Technologies. Enhanced protection for E5 Standard EOP and Standard Defender policies Quantity Type of attack 3 Malicious files in attachments 1 Password-protected archive attachments containing malware 1 Hidden, malicious macros within files Table 1: Types of attack that VMRay Email Threat Defender identified for the E3 account that Microsoft EOP alone did not. Source: Principled Technologies. Enhanced protection for E3 Standard EOP policies Quantity Type of attack 4 Malicious files in attachments 2 Password-protected archive attachments containing malware 2 Hidden, malicious macros within files 1 Malicious URL within a document 4 Obscured or shortened URLs within the email body In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 | 2
How we tested We deployed two accounts within Microsoft 365 using security policies consistent with either an E3 EOP or E5 EOP and Microsoft Defender deployment. E3 and E5 are enterprise subscription plans for Microsoft 365, with E5 offering more advanced security settings than E3. The E5 plan uses the cloud-based Microsoft Defender for Office 365 in conjunction with Microsoft EOP policies. After configuring each account with VMRay Email Threat Defender, we began our tests. We sent to each account a set of email messages, each of which contained a particular type of threat (such as malicious links and attachments) to see which threats were still able to reach each account’s inbox. When an email did not arrive at the inbox, we checked the Microsoft and VMRay quarantines. We configured VMRay Email Threat Defender to process emails only after Microsoft 365 security features had a chance to respond. Therefore, any emails caught within the VMRay Email Threat Defender quarantine would not have been picked up by Microsoft 365 alone. Email Threat Defender can scan emails at earlier points, but we did not test those features. We generated each attack type in one of two ways: either by obtaining (and altering, if necessary) threat samples from third-party websites that collect samples for security professionals, or by using recent threat samples that VMRay has obtained from its customers (after scrubbing all sensitive information). Because we used live threats, our samples were limited by the number of threats available around the time of testing. Note that in this report, we have purposefully obfuscated or omitted sensitive details that could lead bad actors to identify and exploit vulnerabilities we found in our testing. For some additional details, see the science behind the report. About VMRay Email Threat Defender According to the VMRay website, Email Threat Defender fully automates inbound email scanning by analyzing attachments and links before an email can land in a user’s inbox. Rather than fully replace an email app’s existing security features, VMRay works to enhance native protection as a second layer of defense, integrating with Microsoft Defender APIs and connectors and sharing its analytics with other security tools. To learn more about Email Threat Defender, visit https://www.vmray.com/products-email-threat-defender-etd/. In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 | 3
Conclusion The best data center security in the world may be unable to stop a hacker if one gains access to a high-value account via a convincing phishing email. To reduce the likelihood of a successful attack, it can help to supplement your organization’s existing email security tools for an added layer of protection. In our tests, we found that VMRay Email Threat Defender enhanced the native security of Microsoft 365 E3 and E5 accounts by protecting against more types of malicious email attacks—13 types of attacks beyond E3 protection and 5 types of attacks beyond E5 protection. Adding VMRay Email Threat Defender to your Microsoft 365 deployment could help prevent successful phishing attempts and help keep your business safe. Just one malicious email reaching the right inbox is enough opportunity to compromise critical organizational assets as well as employee and customer data. For more information, visit https://www.vmray.com/solutions/close-the-gaps-in-your-office-365-email-security/. Principled Technologies is a registered trademark of Principled Technologies, Inc. All other product names are the trademarks of their respective owners. For additional information, review the science behind this report. Principled Technologies® Facts matter.® Principled Technologies® Facts matter.® This project was commissioned by VMRay. Read the science behind this report at https://facts.pt/iHN6LLy In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 | 4

Recommended

UNIT-3.docx
UNIT-3.docxUNIT-3.docx
UNIT-3.docx
CSEA18Arun537
 
Trend Micro - Hosted eMail Security
Trend Micro - Hosted eMail SecurityTrend Micro - Hosted eMail Security
Trend Micro - Hosted eMail Security
Teddy Wijaya
 
Balancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With SecurityBalancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With Security
Symantec
 
Email: still the favourite route of attack
Email: still the favourite route of attackEmail: still the favourite route of attack
Email: still the favourite route of attack
Claranet UK
 
Email security for office 365 - Yaqeen Hosting Uk Limtied
Email security for office 365 - Yaqeen Hosting Uk Limtied Email security for office 365 - Yaqeen Hosting Uk Limtied
Email security for office 365 - Yaqeen Hosting Uk Limtied
ahmad hanbali
 
7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender
Mighty Guides, Inc.
 
Office365 Security Task Force
Office365 Security Task ForceOffice365 Security Task Force
Office365 Security Task Force
Microsoft
 
brif enpoint.pptx
brif enpoint.pptxbrif enpoint.pptx
brif enpoint.pptx
VSAM Technologies India Private Limited
 

Recommended

UNIT-3.docx
UNIT-3.docxUNIT-3.docx
UNIT-3.docx
CSEA18Arun537
 
Trend Micro - Hosted eMail Security
Trend Micro - Hosted eMail SecurityTrend Micro - Hosted eMail Security
Trend Micro - Hosted eMail Security
Teddy Wijaya
 
Balancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With SecurityBalancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With Security
Symantec
 
Email: still the favourite route of attack
Email: still the favourite route of attackEmail: still the favourite route of attack
Email: still the favourite route of attack
Claranet UK
 
Email security for office 365 - Yaqeen Hosting Uk Limtied
Email security for office 365 - Yaqeen Hosting Uk Limtied Email security for office 365 - Yaqeen Hosting Uk Limtied
Email security for office 365 - Yaqeen Hosting Uk Limtied
ahmad hanbali
 
7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender7 Experts on Implementing Microsoft 365 Defender
7 Experts on Implementing Microsoft 365 Defender
Mighty Guides, Inc.
 
Office365 Security Task Force
Office365 Security Task ForceOffice365 Security Task Force
Office365 Security Task Force
Microsoft
 
brif enpoint.pptx
brif enpoint.pptxbrif enpoint.pptx
brif enpoint.pptx
VSAM Technologies India Private Limited
 
Infographic - Three steps to stopping advanced email threats
Infographic - Three steps to stopping advanced email threatsInfographic - Three steps to stopping advanced email threats
Infographic - Three steps to stopping advanced email threats
Proofpoint
 
Top 6 Email Security Controls.pptx
Top 6 Email Security Controls.pptxTop 6 Email Security Controls.pptx
Top 6 Email Security Controls.pptx
Enfology Services
 
Webinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosWebinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von Baggenstos
JenniferMete1
 
Presentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptx
Presentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptxPresentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptx
Presentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptx
GundegmaaOtgon
 
Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...
Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...
Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...
Microsoft Private Cloud
 
Encrypting E-mail Messages
Encrypting E-mail MessagesEncrypting E-mail Messages
Encrypting E-mail Messages
D's Surti
 
Comprehensive Protection and Visibility into Advanced Email Attacks
Comprehensive Protection and Visibility into Advanced Email Attacks Comprehensive Protection and Visibility into Advanced Email Attacks
Comprehensive Protection and Visibility into Advanced Email Attacks
Symantec
 
E book Elevate Your Email To The Cloud
E book Elevate Your Email To The CloudE book Elevate Your Email To The Cloud
E book Elevate Your Email To The Cloud
DefCom Technology
 
Microsoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterpriseMicrosoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterprise
ssuserd58af7
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
Joel Oleson
 
Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's Perspective
Benedek Menesi
 
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
Dean Iacovelli
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014
Patrick Bouillaud
 
Office 365 Security - Its 2am do you know whos in your office 365
Office 365 Security - Its 2am do you know whos in your office 365Office 365 Security - Its 2am do you know whos in your office 365
Office 365 Security - Its 2am do you know whos in your office 365
Jack Nichelson
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
CMR WORLD TECH
 
Why You Need an Email Exploit Detection Engine
Why You Need an Email Exploit Detection EngineWhy You Need an Email Exploit Detection Engine
Why You Need an Email Exploit Detection Engine
GFI Software
 
Email Security Solutions | Seclore
Email Security Solutions | SecloreEmail Security Solutions | Seclore
Email Security Solutions | Seclore
Seclore
 
Secure remote work
Secure remote workSecure remote work
Secure remote work
Allessandra Negri
 
Using m365 defender to protect against solorigate
Using m365 defender to protect against solorigateUsing m365 defender to protect against solorigate
Using m365 defender to protect against solorigate
Matt Soseman
 
Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...
Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...
Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...
PetaBytz Technologies
 
Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Principled Technologies
 
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Principled Technologies
 

More Related Content

Similar to In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security

Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
Joel Oleson
 
Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's Perspective
Benedek Menesi
 
Office 365 Security - Its 2am do you know whos in your office 365
Office 365 Security - Its 2am do you know whos in your office 365Office 365 Security - Its 2am do you know whos in your office 365
Office 365 Security - Its 2am do you know whos in your office 365
Jack Nichelson
 

Similar to In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security (20)

Infographic - Three steps to stopping advanced email threats
Infographic - Three steps to stopping advanced email threatsInfographic - Three steps to stopping advanced email threats
Infographic - Three steps to stopping advanced email threats
 
Top 6 Email Security Controls.pptx
Top 6 Email Security Controls.pptxTop 6 Email Security Controls.pptx
Top 6 Email Security Controls.pptx
 
Webinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosWebinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von Baggenstos
 
Presentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptx
Presentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptxPresentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptx
Presentation-PracticalGuideToHavingACustomerConversationOnSecurity (1).pptx
 
Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...
Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...
Microsoft Unified Communications - Securing Exchange Server 2007 Messaging Wh...
 
Encrypting E-mail Messages
Encrypting E-mail MessagesEncrypting E-mail Messages
Encrypting E-mail Messages
 
Comprehensive Protection and Visibility into Advanced Email Attacks
Comprehensive Protection and Visibility into Advanced Email Attacks Comprehensive Protection and Visibility into Advanced Email Attacks
Comprehensive Protection and Visibility into Advanced Email Attacks
 
E book Elevate Your Email To The Cloud
E book Elevate Your Email To The CloudE book Elevate Your Email To The Cloud
E book Elevate Your Email To The Cloud
 
Microsoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterpriseMicrosoft Security adoptionguide for the enterprise
Microsoft Security adoptionguide for the enterprise
 
Securely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure ScoreSecurely Harden Microsoft 365 with Secure Score
Securely Harden Microsoft 365 with Secure Score
 
Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's Perspective
 
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment"Evolving Cybersecurity Strategies" - Threat protection and incident managment
"Evolving Cybersecurity Strategies" - Threat protection and incident managment
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014
 
Office 365 Security - Its 2am do you know whos in your office 365
Office 365 Security - Its 2am do you know whos in your office 365Office 365 Security - Its 2am do you know whos in your office 365
Office 365 Security - Its 2am do you know whos in your office 365
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
 
Why You Need an Email Exploit Detection Engine
Why You Need an Email Exploit Detection EngineWhy You Need an Email Exploit Detection Engine
Why You Need an Email Exploit Detection Engine
 
Email Security Solutions | Seclore
Email Security Solutions | SecloreEmail Security Solutions | Seclore
Email Security Solutions | Seclore
 
Secure remote work
Secure remote workSecure remote work
Secure remote work
 
Using m365 defender to protect against solorigate
Using m365 defender to protect against solorigateUsing m365 defender to protect against solorigate
Using m365 defender to protect against solorigate
 
Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...
Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...
Fortifying Your Data Unveiling Enhanced Security And Privacy Features in Micr...
 

More from Principled Technologies

Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Principled Technologies
 
Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...
Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...
Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...
Principled Technologies
 
Improve performance and gain room to grow by easily migrating to a modern Ope...
Improve performance and gain room to grow by easily migrating to a modern Ope...Improve performance and gain room to grow by easily migrating to a modern Ope...
Improve performance and gain room to grow by easily migrating to a modern Ope...
Principled Technologies
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Principled Technologies
 
Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...
Principled Technologies
 
Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...
Principled Technologies
 
Scale up your storage with higher-performing Dell APEX Block Storage for AWS
Scale up your storage with higher-performing Dell APEX Block Storage for AWSScale up your storage with higher-performing Dell APEX Block Storage for AWS
Scale up your storage with higher-performing Dell APEX Block Storage for AWS
Principled Technologies
 
Get in and stay in the productivity zone with the HP Z2 G9 Tower Workstation
Get in and stay in the productivity zone with the HP Z2 G9 Tower WorkstationGet in and stay in the productivity zone with the HP Z2 G9 Tower Workstation
Get in and stay in the productivity zone with the HP Z2 G9 Tower Workstation
Principled Technologies
 
Open up new possibilities with higher transactional database performance from...
Open up new possibilities with higher transactional database performance from...Open up new possibilities with higher transactional database performance from...
Open up new possibilities with higher transactional database performance from...
Principled Technologies
 
Improving database performance and value with an easy migration to Azure Data...
Improving database performance and value with an easy migration to Azure Data...Improving database performance and value with an easy migration to Azure Data...
Improving database performance and value with an easy migration to Azure Data...
Principled Technologies
 
Realize better value and performance migrating from Azure Database for Postgr...
Realize better value and performance migrating from Azure Database for Postgr...Realize better value and performance migrating from Azure Database for Postgr...
Realize better value and performance migrating from Azure Database for Postgr...
Principled Technologies
 
Set up students and teachers to excel now and in the future with Intel proces...
Set up students and teachers to excel now and in the future with Intel proces...Set up students and teachers to excel now and in the future with Intel proces...
Set up students and teachers to excel now and in the future with Intel proces...
Principled Technologies
 

More from Principled Technologies (20)

Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
Dell APEX Cloud Platform for Red Hat OpenShift: An easily deployable and powe...
 
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
 
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
 
Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...
Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...
Realize 2.1X the performance with 20% less power with AMD EPYC processor-back...
 
Improve performance and gain room to grow by easily migrating to a modern Ope...
Improve performance and gain room to grow by easily migrating to a modern Ope...Improve performance and gain room to grow by easily migrating to a modern Ope...
Improve performance and gain room to grow by easily migrating to a modern Ope...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
Upgrade your cloud infrastructure with Dell PowerEdge R760 servers and VMware...
 
A comparison of security features in Dell, HP, and Lenovo PC systems
A comparison of security features in Dell, HP, and Lenovo PC systemsA comparison of security features in Dell, HP, and Lenovo PC systems
A comparison of security features in Dell, HP, and Lenovo PC systems
 
Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...
 
Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...Increase security, sustainability, and efficiency with robust Dell server man...
Increase security, sustainability, and efficiency with robust Dell server man...
 
Scale up your storage with higher-performing Dell APEX Block Storage for AWS ...
Scale up your storage with higher-performing Dell APEX Block Storage for AWS ...Scale up your storage with higher-performing Dell APEX Block Storage for AWS ...
Scale up your storage with higher-performing Dell APEX Block Storage for AWS ...
 
Scale up your storage with higher-performing Dell APEX Block Storage for AWS
Scale up your storage with higher-performing Dell APEX Block Storage for AWSScale up your storage with higher-performing Dell APEX Block Storage for AWS
Scale up your storage with higher-performing Dell APEX Block Storage for AWS
 
Get in and stay in the productivity zone with the HP Z2 G9 Tower Workstation
Get in and stay in the productivity zone with the HP Z2 G9 Tower WorkstationGet in and stay in the productivity zone with the HP Z2 G9 Tower Workstation
Get in and stay in the productivity zone with the HP Z2 G9 Tower Workstation
 
Open up new possibilities with higher transactional database performance from...
Open up new possibilities with higher transactional database performance from...Open up new possibilities with higher transactional database performance from...
Open up new possibilities with higher transactional database performance from...
 
Improving database performance and value with an easy migration to Azure Data...
Improving database performance and value with an easy migration to Azure Data...Improving database performance and value with an easy migration to Azure Data...
Improving database performance and value with an easy migration to Azure Data...
 
Realize better value and performance migrating from Azure Database for Postgr...
Realize better value and performance migrating from Azure Database for Postgr...Realize better value and performance migrating from Azure Database for Postgr...
Realize better value and performance migrating from Azure Database for Postgr...
 
Realize better value and performance migrating from Azure Database for Postgr...
Realize better value and performance migrating from Azure Database for Postgr...Realize better value and performance migrating from Azure Database for Postgr...
Realize better value and performance migrating from Azure Database for Postgr...
 
Set up students and teachers to excel now and in the future with Intel proces...
Set up students and teachers to excel now and in the future with Intel proces...Set up students and teachers to excel now and in the future with Intel proces...
Set up students and teachers to excel now and in the future with Intel proces...
 
Finding the path to AI success with the Dell AI portfolio - Summary
Finding the path to AI success with the Dell AI portfolio - SummaryFinding the path to AI success with the Dell AI portfolio - Summary
Finding the path to AI success with the Dell AI portfolio - Summary
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Recently uploaded (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security

  • 1. In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security When paired with Microsoft 365, VMRay provided added protection against novel attacks, sophisticated malware, and phishing attempts People are often the weakest links in an organization’s security chain. Despite the powerful advancements in server, processor, and personal computer security that make it difficult for hackers to simply take data by brute force, just one high-value employee accidentally clicking on a malicious email URL is all it takes to render many of these defenses useless. As email attacks aimed at employees grow ever more prevalent and sophisticated, security teams are looking for tools to help keep their sensitive data secure. Though Microsoft 365 offers its own email security features, sometimes threats can still slip through. VMRay Email Threat Defender (ETD) is a supplemental tool for Microsoft 365 that can help enhance organizational security by adding an extra layer of security and reducing the opportunities for employees to be deceived. At Principled Technologies, we tested VMRay Email Threat Defender with two Microsoft 365 offerings that had the following configurations: • Standard-preset Microsoft Exchange Online Protection (EOP) policies consistent with a Microsoft 365 E3 deployment • Standard-preset Microsoft Defender for Office 365 and Standard-preset EOP policies consistent with a Microsoft 365 E5 deployment In our tests, we found that supplementing the standard Microsoft 365 Defender and EOP policies with VMRay ETD increased protection against various types of threat, including malicious file types within email attachments, types of password-protected archives containing malware, malicious URLs in documents, and more. On a Microsoft 365 Enterprise E3 account: 13 additional types of malicious emails detected On a Microsoft 365 Enterprise E5 account: 5 additional types of malicious emails detected In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 A Principled Technologies report: Hands-on testing. Real-world results.
  • 2. Our results Tables 1 and 2 give a breakdown of the type and quantity of threats that VMRay Email Threat Defender identified where Microsoft policies alone did not. Though Microsoft policies caught several types of malicious emails in each account, VMRay Email Threat Defender extended this protection to cover additional types of threats. Microsoft 365 E3 with EOP offers basic protection, and Microsoft 365 E5 with EOP and Microsoft Defender offers the best recommended standard protections for a typical user without introducing a large number of false positives. Our testing shows that VMRay Email Threat Defender can supplement these robust sets of security policies for additional peace of mind. Table 2: Types of attack that VMRay Email Threat Defender identified for the E5 account that Microsoft EOP and Defender alone did not. Source: Principled Technologies. Enhanced protection for E5 Standard EOP and Standard Defender policies Quantity Type of attack 3 Malicious files in attachments 1 Password-protected archive attachments containing malware 1 Hidden, malicious macros within files Table 1: Types of attack that VMRay Email Threat Defender identified for the E3 account that Microsoft EOP alone did not. Source: Principled Technologies. Enhanced protection for E3 Standard EOP policies Quantity Type of attack 4 Malicious files in attachments 2 Password-protected archive attachments containing malware 2 Hidden, malicious macros within files 1 Malicious URL within a document 4 Obscured or shortened URLs within the email body In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 | 2
  • 3. How we tested We deployed two accounts within Microsoft 365 using security policies consistent with either an E3 EOP or E5 EOP and Microsoft Defender deployment. E3 and E5 are enterprise subscription plans for Microsoft 365, with E5 offering more advanced security settings than E3. The E5 plan uses the cloud-based Microsoft Defender for Office 365 in conjunction with Microsoft EOP policies. After configuring each account with VMRay Email Threat Defender, we began our tests. We sent to each account a set of email messages, each of which contained a particular type of threat (such as malicious links and attachments) to see which threats were still able to reach each account’s inbox. When an email did not arrive at the inbox, we checked the Microsoft and VMRay quarantines. We configured VMRay Email Threat Defender to process emails only after Microsoft 365 security features had a chance to respond. Therefore, any emails caught within the VMRay Email Threat Defender quarantine would not have been picked up by Microsoft 365 alone. Email Threat Defender can scan emails at earlier points, but we did not test those features. We generated each attack type in one of two ways: either by obtaining (and altering, if necessary) threat samples from third-party websites that collect samples for security professionals, or by using recent threat samples that VMRay has obtained from its customers (after scrubbing all sensitive information). Because we used live threats, our samples were limited by the number of threats available around the time of testing. Note that in this report, we have purposefully obfuscated or omitted sensitive details that could lead bad actors to identify and exploit vulnerabilities we found in our testing. For some additional details, see the science behind the report. About VMRay Email Threat Defender According to the VMRay website, Email Threat Defender fully automates inbound email scanning by analyzing attachments and links before an email can land in a user’s inbox. Rather than fully replace an email app’s existing security features, VMRay works to enhance native protection as a second layer of defense, integrating with Microsoft Defender APIs and connectors and sharing its analytics with other security tools. To learn more about Email Threat Defender, visit https://www.vmray.com/products-email-threat-defender-etd/. In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 | 3
  • 4. Conclusion The best data center security in the world may be unable to stop a hacker if one gains access to a high-value account via a convincing phishing email. To reduce the likelihood of a successful attack, it can help to supplement your organization’s existing email security tools for an added layer of protection. In our tests, we found that VMRay Email Threat Defender enhanced the native security of Microsoft 365 E3 and E5 accounts by protecting against more types of malicious email attacks—13 types of attacks beyond E3 protection and 5 types of attacks beyond E5 protection. Adding VMRay Email Threat Defender to your Microsoft 365 deployment could help prevent successful phishing attempts and help keep your business safe. Just one malicious email reaching the right inbox is enough opportunity to compromise critical organizational assets as well as employee and customer data. For more information, visit https://www.vmray.com/solutions/close-the-gaps-in-your-office-365-email-security/. Principled Technologies is a registered trademark of Principled Technologies, Inc. All other product names are the trademarks of their respective owners. For additional information, review the science behind this report. Principled Technologies® Facts matter.® Principled Technologies® Facts matter.® This project was commissioned by VMRay. Read the science behind this report at https://facts.pt/iHN6LLy In hands-on tests, VMRay Email Threat Defender caught malware and phishing attacks that bypassed Microsoft 365 security February 2022 | 4