Perception Point Case Study: Augmenting Microsoft Defender
At a Glance
The Company
Problem
- Better protection: An advanced threat protection service was required to provide additional layers of security to augment Microsoft 365 security solutions.
- Easy integration and reduced risk: A gradual deployment process across the organization required customization.
- Scalability: Seamless expansion to absorb an additional 60,000 users, demanding a scalable cloud-native solution.
Perception Point Solutions
The customer required a modern Integrated Cloud Email Security (ICES) solution that could be deployed on top of Microsoft Defender, and it deployed Perception Point’s Advanced Email Security.
Results
- Intercepted over 400,000 malicious attacks;
- Blocked over 1,600,000 spam emails;
- Scanned clean emails at an average of < 11 seconds.
Challenge
In this case study, a global industrial gases and engineering company was facing growing threats, which led them to seek out an advanced email security solution that would augment their existing Microsoft 365 tools.
Globally, we communicate and run our businesses in a digital landscape that is threatened by the growing sophistication and sheer number of cyber threats and vulnerabilities. Energy companies are increasingly threatened by cyber-attacks via multiple channels and threat vectors, which can result in severe consequences. Just recently, the US Colonial Pipeline was hit by a ransomware attack that shut down the service for five days, resulting in the company paying a ransom of $5M. This is just one of many cyber-attacks targeting the gas and oil industry.
The client is a large global company with over 60,000 users across different geographic sites. The client functions within a complex environment that poses many challenges when integrating additional security platforms. The substantial escalation of targeted cyber-attacks on large-scale companies made the implementation of an advanced security solution vital. The objective was clear: the client required an advanced cybersecurity solution that did not compromise performance. The client faced the following challenges:
- The client utilized a complicated Microsoft 365 environment which consisted of many rules and settings across the organization. Therefore, the client required a flexible security system that could adjust itself accordingly.
- The client’s size and large number of users posed a challenge for integrating with legacy non-cloud-native platforms. The client’s users were located in several regions, each with different settings and needs. Further, the client required a gradual deployment process that would not affect its users’ performance or work environment.
“The most valuable features of the solution are the ones that are related to finding impersonation attacks and detecting attempts to steal credentials. In scenarios where attackers get you to follow URLs to a malicious site that looks similar to a good site, and then ask for the user credentials to try to steal them, it is very useful. It also has features for detecting branding impersonation…And specifically, when it comes to protecting our VIPs and avoiding BEC (business email compromise) attacks, that is another important part for us…It scans pretty much all content, so it's full-scale. We see in our dashboard how emails are categorized by different engines. There isn't just one engine that determines whether an email is malicious. They have a multi-engine architecture for detection of malicious emails. They provide full scanning of email.”
Director of Office365 Services
Solution
- Perception Point provided a gradual and comprehensive deployment process that included a full support team with a thorough understanding of Office 365 settings. Our Incident Response and Customer Support teams were available around the clock to review and manage incidents, provide technical support, answer questions and resolve any issues that arose during and after the deployment.
- Perception Point provided a flexible integration process that was divided into different regions and settings. The deployment was expanded to different regions in a gradual process, while implementing different settings according to each region’s needs.
- The adaptability of the Perception Point cloud-native platform allowed easy accommodation of the customer’s requirements and scaling needs.
- Real-time dynamic scanning of all content provided the best protection without compromising performance.
Over a 4-month period, Perception Point’s security system scanned millions of files and URLs. Since then, the system has successfully blocked thousands of malicious attacks and reduced the amount of spam being sent to the client’s employees.
Traffic:
- Total emails scanned: 34,570,884
- Total artifacts scanned: 95,076,035
- Embedded files/mail ratio: 0.4x
- Embedded URLs/mail ratio: 1.3x
Events:
- Attacks prevented: >400k
- Spam blocked: 1.6M
- Most prevalent attack: Phishing (160k unique attacks)
- Number of advanced attacks blocked by the HAP engine – next-gen sandbox: 1,215
Performance:
- Avg. scan time for clean content: 9 seconds; 75% of content is scanned within 11 seconds
- 100% of content scanned dynamically