Malicious files and links regularly bypass email security products, leaving enterprises vulnerable to email-based attacks.
Increased use of automation allows attackers to create many ‘mutations’ of each piece of malware or malicious file, potentially inundating email security products with new unknown threats. Could this explain the shortcomings of email security products? To answer this question, BitDam conducted a study to measure these products' ability to detect unknown threats at first encounter.
The study entailed retrieving very fresh samples of malicious files from various feeds and sources, qualifying them as unknown threats, and then sending them to mailboxes protected by Office365 ATP, G-Suite Enterprise or Proofpoint. BitDam measured the miss rate at first encounter and the Time To Detect (TTD) for these unknown threats.
Their findings show a miss rate of 20-40% and a Time To Detect of 24-48 hours. This detection gap keeps enterprises continually unprotected against unknown threats.
This study is no longer available.