Products / Email Threat Protection / Attachment Protect
Safeguard against email threats with attachment protection
Concealed as Microsoft Office documents, PDFs, voicemails or ZIP files, malicious attachments are one of the most effective attack vectors in cybercriminals’ world.
Hackers may launch attachment-based phishing campaigns, tricking victims into opening weaponized attachments or use drive-by-downloads to deliver ransomware, viruses or other malware, attempting to lock victims’ data or computer. They can also send attachments containing malicious links to install keyloggers or banking trojans aimed to access to users’ personal data and steal credentials. Attachment protection is thus crucial for organizations of all sizes to defend against ransomware, spear phishing and other advanced persistent threats using malicious attachments.
Cellopoint’s superior attachment potection
Cellopoint’s Advanced Threat Protection with Attachment Protect provides an industry-leading defense above the standard email security measures. Delivered as a cloud service or an on-premises solution, Cellopoint Attachment Protect uses multi-layered scanning and static code analysis to detect malicious attachments, including encrypted attachments and archive files. This helps organizations stop known malware efficiently.
In addition to signature-based detection, behavioral sandboxing is provided to detect unknown threats. Unlike conventional sandboxing solution, Cellopoint Attachment Protect uses full system emulation and anti-evasion detection to identify malware designed to evade existing defenses and detect zero-day exploits and other advanced persistent threats efficiently.
The Cellopoint Attachment Protect, part of Cellopoint Advacned Threat Protection, provides comprehensive protection against potentially malicious attachments, effectively stopping advanced email-borne threats before they enter an organization’s environment.
Its capabilities include:
Static code analysis
Attachments are evaluated for any traits consistent with malware, such as abnormal code, obfuscated scripts and any suspicious objects.
Cellopoint uses full system emulation to detect evasive malware and provide deep content inspection. This allows the sandbox to emulate the use of CPU, memory, the operating system and the applications.
After sandboxing, Cellopoint performs correlation analysis and threat scoring to determine whether the email should be quarantined or released.
A summary forensic report is available on Cellopoint dashboard to provide visibility into attachment-based risks.
Encrypted attachment detection
Archive file detection
(ZIP, TAR, TBZ, TGZ, LZH, JAR)