GreatHorn, the leading cloud email security provider focused on managing risk from advanced email threats, achieved substantial product innovation, customer growth, and expansion during 2019 with improvements to its industry-leading adaptive threat detection, user protection, and incident response capabilities.
Demonstrating its continued market leadership, GreatHorn released the industry’s most sophisticated computer vision-driven solution for credential theft recognition, as well as bulk remediation capabilities that meet the scale of enterprises with complex mail environments and effectively reduce time-to-response for post-delivery attacks. The company also launched a fully featured, bidirectional API for integration with SOAR, SIEM, and other security platforms. With a focus on increasing visibility and control of an organization’s email security environment, these enhancements to GreatHorn’s flagship product improve threat identification, reduce user engagement with suspicious email, and automate post-delivery remediation.
Targeted attacks through email continue to be the biggest threats facing the modern connected enterprise. Both legacy solutions such as secure email gateways and the native email security controls within cloud email platforms fail to recognize email security as a risk management function, focusing instead on a 100% prevention mindset that does not provide adequate protection. Sophisticated payload-free attacks, such as impersonations, credential theft attempts, and business services spoofing, often slip past traditional perimeter-based defenses, and organizations have lacked the tools they need to quickly respond and minimize their exposure.
“In one Global 1000 company, we found that a traditional gateway missed 40% of executive impersonations, and 15-20% of all threats, including business email compromise, credential theft, and malicious links,” said Kevin O’Brien, co-founder and CEO of GreatHorn. “We recognize that email security needs to be approached as a risk management function, and so we are continually developing capabilities that not only identify sophisticated threats more effectively, but also reduce time to response through tools that automate and accelerate remediation, minimizing potential impact to businesses.”
Expanded Threat Detection
In 2019, GreatHorn incorporated advanced machine learning techniques to expand the number of threats GreatHorn Email Security can detect and remove. Developments included:
- Identification of credential theft sites: Part of GreatHorn’s Link Protection feature, this capability uses advanced computer vision analysis to quickly assess the authenticity of common login pages such as Office 365 and G Suite, thereby identifying and blocking zero-day credential theft threats even if they were weaponized after the email was delivered.
- Expanded detection capabilities: GreatHorn further extended its use of data science to detect more threat types and provide more fine-tuned analysis.
- Automatic detection of domain lookalikes: GreatHorn was awarded a U.S. patent for an algorithm and threat analysis method that identifies fraudulent email messages aiming to impersonate either the target’s company domain or a well-known brand.
Stronger End-User Protection
Reducing user engagement with suspicious phish is a critical component of the GreatHorn Email Security platform. By providing users context and threat-specific warnings, the product encourages better risk decisions at the moment they open and interact with their messages, warning users when they are most at risk for interacting with a potential threat. The capabilities GreatHorn expanded in 2019 include:
- Cobranding personalized security context: Email banners, policy reminders, and suspicious link preview pages can now be branded with company logos. When these notifications are delivered with company logos, it improves user recognition and trust.
- General availability of GreatHorn Reporter: This client-side plugin provides digestible threat analysis for any given email and allows employees to easily report phish and manage individual spam block lists directly from the email client. GreatHorn Reporter reduces the administrative burden for security teams with fewer phish reports and integration into the GreatHorn Email Security platform for additional search, forensics, and remediation if necessary.
Faster Incident Response
Time to remediation is a critical factor when reducing the risk of an emerging threat. GreatHorn extended its core response features in 2019 with:
- Simplified bulk email removal: Released in the first quarter of 2019, this capability enables incident response teams to search for and automatically remove thousands of malicious emails from any employee company inbox within seconds.
- Expanded search and forensics: Upgrades to the platform’s robust search engine enable teams to search against any combination of factors—from simple content-based keyword searches to more technical metadata—to quickly and precisely identify who has received a given threat and when.
Enterprise Visibility and Controls
GreatHorn’s rapid growth has increased the ways customers are using GreatHorn within the context of the rest of their security portfolio. The following capabilities were released to support these efforts:
- Bidirectional API: GreatHorn released a fully featured, bidirectional API designed to integrate email protection and response with the rest of an organization’s security stack, including SOAR, SIEM, and other platforms, to reduce risk, manual effort, and time to response.
- Immediate, automated customization: In Q4, GreatHorn introduced new capabilities that speed the availability of both organization- and individual-specific analysis such as communication patterns, relationship analytics, technical fingerprinting, and other data science techniques.
- Performance and scalability updates: Improvements enabled the platform to accommodate rapid customer growth and its resulting mail volume.
Additional Points of Success in 2019:
- Significant customer expansion: On the heels of significant market expansion, GreatHorn added marquee customers across multiple industries, including technology, healthcare, consumer products, and state and local government. The company now analyzes nearly a billion emails every month, identifying and stopping millions of threats that less mature products miss.
- Series B funding round: GreatHorn’s revolutionary approach to cloud-based email security and rapid expansion into the enterprise market were critical factors behind its $13 million funding round.
- Employee growth: The company expanded its workforce by 150% and secured a new corporate headquarters in Waltham, MA. At twice the size, the new facility will accommodate recent and future growth and provide employees with critical space needed for continued innovation.
- SOC 2 Type 2 certification: GreatHorn successfully completed the Service Organization Control (SOC) 2 Type 2 attestation report, meeting the standards for security, availability, and confidentiality with zero exceptions listed for the second consecutive year.
- SC Award finalist: GreatHorn Email Security was recognized as a finalist in the “Best Email Security Solution” Trust Award category for the 2020 SC Awards. Winners will be announced in late February.
Businesses interested in securing their Office 365 and Google G Suite email platforms with GreatHorn can request a demo here: https://www.greathorn.com/demo/.
Global 2000 companies use GreatHorn to reduce the inherent and pervasive risk associated with the everyday use of email. GreatHorn’s multi-staged approach to email security automatically combines data science, machine learning techniques, and technical analysis with human context to protect organizations before, during, and after a phishing attack.
By treating email security as a risk management function, customers can not only detect and remove more attacks but also warn users in real time of potential threats and provide response teams with the tools to limit exposure and minimize risk. As a result, GreatHorn Email Security safeguards cloud email from advanced threats such as business email compromise, impersonations, credential theft, account takeover, and other phishing attacks.