Armorblox Launches Graymail, Recon Attack Protection

Armorblox, today releases its newest product, graymail and Recon Attack Protection, developed to decrease the time security teams spend managing graymail and mitigate the security risks from malicious recon email.

This is in addition to the announcement of new capabilities across two main products of the Armorblox cloud-delivered email security and data loss prevention platform: Advanced Data Loss Prevention and Abuse Mailbox.

The new capabilities are designed to enhance overall productivity across security teams by providing custom, automated workflows across user-reported threats, improved graymail detection and classification, and enhancements to data protection features.

The features build on the platform’s existing capabilities, which provide comprehensive email protection for automatically detecting and protecting against emerging language-based cyber threats, preventing accidental or malicious data leakage and compliance violations across all communication channels, and saving security teams time from having to manually sort through graymail and respond across individual user-reported threats.

The new Armorblox capabilities include:

  • Improved graymail detection and protection against recon threats – Armorblox graymail and recon attack protection uses advanced machine learning algorithms and large language models to enable the precise detection and classification of graymail, such as newsletters and marketing emails, and unwanted solicitation from a legitimate source – all while reducing the risk of malicious reconnaissance threats, emails disguised as genuine graymail communications with the intention of eliciting a response prior to exfiltrating sensitive data. Automatic remediation removes the need for manual review, saving security teams up to 30 hours each week, and end-user preferences (based on the movement of graymail) are automatically monitored and applied for all future incoming graymail communications.
  • Abuse mailbox custom workflows for end-user-reported phishing threats – Security teams now can automate the feedback loop back to end users for user-reported phishing incidents submitted to Armorblox Abuse Mailbox. This keeps end-users informed of the status of user-reported threats and engaged in the security process. Preconfigured templates allow security teams to automate the response back to end users based on incident type, while custom templates allow for pre-authorized workflows to be quickly and efficiently identified as exceptions for a reduction in false positives.
  • Custom DLP workflows – Armorblox Advanced Data Loss Prevention provides powerful data protection capabilities, including automatic classification, protection, and encryption of sensitive information (PII/PCI/PHI, source codes, tabular data, across languages). The latest enhancements bring investigation, management, and response to sensitive emails that have been blocked together into a streamlined workflow. Insightful DLP analysis per incident allows admins to quickly remediate (delete or request alterations) or release the email to be sent.

“As cyber criminals ramp up the sophistication of their socially engineered attacks with generative artificial intelligence tools such as ChatGPT, only email security solutions that apply the full capabilities of large language models for language-based detection can protect end users from the onslaught of emerging attacks,” said Arjun Sambamoorthy, Co-founder and Chief Architect at Armorblox.

Armorblox large language models (LLM) and AI capabilities include:

  • GPT large language models & AI – Analyzes the content and context of email communications: text in the email body and attachments for tone (like urgency) and intent (unusual requests) often seen in social engineering tactics, and provides in-depth email analysis to protect against sender impersonation, ransomware/extortion, account compromise attacks and graymail.
  • Computer vision – Follows URLs to the final destination and inspects in real-time to protect against fake landing pages used in malicious credential phishing campaigns. Minute, visual deviations such as image and layouts often go unnoticed by the human eye, Armorblox analyzes and safely redirects end users away from these malicious pages.
  • Malware & file attachment inspection – Provides static and dynamic analysis of attachments, malware, and advanced persistent threat analysis, while ensuring there are no delays in end users gaining access to critical emails nor disruption to email-based business workflows.
  • Contextual analysis & attacks overview – Creates both user-specific and organization models for custom behavior baselines, so that how and who one communicates with are continuously monitored and anomalous communications and conversations are automatically flagged.

Armorblox experts will be hosting demos, April 24-27, at RSA Conference 2023, San Francisco, Booth #5304, Moscone, North Expo.