Catching the Phish that Got Away

This paper argues why organizations should move from a gateway-based single-pass inspection model to a layered security model that includes continuous email monitoring and detection at the inbox to effectively combat today’s phishing and malware threats.

Such Inbox Detection & Response solutions leverage the industry shift to email platforms like Office 365 and Gmail to scan every message for threats and anomalous behaviors post-delivery and, when a threat is identified, automatically performing “claw back” of suspicious messages from all impacted inboxes. Not only is this approach more effective than the traditional single-pass inspection model, but it also alleviates the labor-intensive process of investigating, containing, responding to, and remediating malicious emails by leveraging user input in an automated way.