Case Study

Augmenting Microsoft Defender

Perception Point leveraged agile deployment alongside existing Microsoft Defender to prevent advanced email security attacks from reaching users’ inboxes for a leading multinational oil & gas enterprise.

At a Glance

The Company

A leading global industrial gases and engineering company, with over $25 billion sales.

Problem

  • Better protection:  Advanced threat protection service was required to provide additional layers of security to augment Microsoft 365 security solutions.
  • Easy integration and reduced risk: A gradual deployment process across the organization required customization.
  • Scalability: Seamless expansion to absorb an additional 60,000 users, demanding a scalable cloud-native solution.

Perception Point Solutions

The customer required a modern Integrated Cloud Email Security (ICES) solution that could deploy on top of Microsoft Defender and deployed Perception Point’s Advanced Email Security.

Results

Over a four month period, Perception Point: 

  • Intercepted over 400,000 malicious attacks; 
  • Blocked over 1,600,000 spam emails; 
  • Scanned clean emails at an average of < 11 seconds. 

Challenge

In this case study, a global industrial gases and engineering company was facing growing threats, which led them to seek out an advanced  email security solution that would augment their existing Microsoft 365 tools

Globally, we communicate and run our businesses in a digital landscape that is threatened by the growing sophistication and sheer numbers of cyber threats and vulnerabilities. Energy companies are increasingly threatened by cyber-attacks via multiple channels and threat vectors, which can result in severe consequences. Just recently, US Colonial pipeline was hit by a ransomware attack that shut down the service for five days, resulting in the company paying a ransom of $5M. This is just one of many cyber-attacks being targeted at the gas and oil industry.

The client is a large global company with over 60,000 users across different geographic sites. The client functions within a complex environment that poses many challenges when integrating additional security platforms. The substantial escalation of targeted cyber attacks on large scale companies made the implementation of an advanced security solution vital. The objective was clear: the client required an advanced cybersecurity solution that did not compromise performance. The client faced the following challenges: 

  • The client utilized a complicated Microsoft 365 environment which consisted of many rules and settings across the organization. Therefore, the client required a flexible security system that could adjust itself accordingly. 
  • The client’s size and large number of users posed a challenge for integrating with  legacy non-cloud-native platforms. The client’s users were located in several regions, each with different settings and needs. Further, the client required a gradual deployment process that would not affect its users’ performance or work environment. 

“The most valuable features of the solution are the ones that are related to finding impersonation attacks and detecting attempts to steal credentials. In scenarios where attackers get you to follow URLs to a malicious site that looks similar to a good site, and then ask for the user credentials to try to steal them, it is very useful. It also has features for detecting branding impersonation…And specifically, when it comes to protecting our VIPs and avoiding BEC (business email compromise) attacks, that is another important part for us…It scans pretty much all content, so it's full-scale. We see in our dashboard how emails are categorized by different engines. There isn't just one engine that determines whether an email is malicious. They have a multi-engine architecture for detection of malicious emails. They provide full scanning of email.”

Director of Office365 Services

Solution

  • Perception Point provided a gradual and comprehensive deployment process that included a full support team with thorough understanding of Office 365 settings. Our Incident Response and Customer Support teams were available around the clock to review and manage incidents, provide technical support, answer questions and resolve any issues that arose during the deployment and after. 
  • Perception Point provided a flexible integration process that was divided into different regions and settings. The deployment was expanded to different regions in a gradual process, while implementing different settings according to each region’s needs.
  • The adaptability of the Perception Point cloud-native platform allowed easy accommodation of the  customer’s requirements and scaling needs.
  • Real time dynamic scanning of all content provided best protection without compromising  performance time. 

 

Over a 4-month period, Perception Point’s security system scanned millions of files and URLs. Since then, the system has successfully blocked thousands of malicious attacks and reduced the amount of spam being sent to its employees. 

Traffic:

  • Total emails scanned: 34,570,884 
  • Total artifacts scanned: 95,076,035
  • Embedded files/mail ratio: 0.4x
  • Embedded URLs/mail ratio: 1.3x

 

Events:

  • Attacks prevented: >400k
  • Spam blocked: 1.6M
  • Most prevalent attack: Phishing (160k unique attacks)
  • Number of advanced attacks blocked by the HAP engine – next-gen sandbox: 1,215

 

Performance:

  • Avg. Scan time for clean content: 9 seconds; 75% of content is scanned within 11 seconds
  • 100% of content scanned dynamically 

Summary

Perception Point is pleased to be able to contribute to our client’s advanced security protection stack. Agile deployment along with the existing Microsoft Defender, is preventing the most advanced email security attacks including phishing, BEC, ATO and zero-days before they reach the users’ inboxes. Combining best protection with multi-layer advanced detection, integrated IR services and an innovative security approach, Perception Point delivers the ultimate security solution for contact-borne attacks.

Read More about Augmenting Microsoft 365 security here.

 

TALK TO SALES

Ready to Try
Perception Point?

Learn More

Operation Red Deer

Outing Aggah’s Sophisticated Tactics, Techniques and Procedures (TTPs) Targeting Israel
learn MORE

Securing Safari Browsers with Perception Point’s New Safari Extension

In this blog, we review how you can enhance your browser security with Perception Point’s new extension for Safari.
learn MORE

Behind the Attack: Account Takeover (ATO)

In this blog we explore the kill chain of a compromised mailbox, after a user has undergone an Account Takeover (ATO) attack.
learn MORE

AI: The Double-Edged Sword of Cybersecurity

Attackers are using AI in their cyber offense, but cybersecurity leaders can also take advantage of AI in their defense.
learn MORE

Hackers Use Password-Protected OneNote Files to Spread Malware

In this blog, we explore a new attack in which threat actors exploit encrypted OneNote documents to deliver malware.
learn MORE

What Goes “App” Could Take You Down

Files “are like a box of chocolates, you never know what you’re going to get”. In this blog, we cover the risks of malicious file uploads to web apps and the best practices to prevent them.
learn MORE
Our news
Our Press
Request Demo

© 2023 Perception Point Inc. All rights reserved.