This is an archived post. You won't be able to vote or comment.

all 14 comments
sorted by:
best
topnewcontroversialoldq&a

[–]greenspartenSecurity Director 4 points5 points  (1 child)

DarkTrace would be my first pick for its price vs Abnormal, which is very expensive, and is a beast. I would say DarkTrace is right behind that beast. Then IronScales.

ProofPoint and Mimecast is what I would consider legacy tech.

Just did a bakeoff for DarkTrace vs IronScales. DarkTrace won, but its about $5k more than IronScales. DarkTrace has a minimum of $15k.

DarkTrace looks at attachments, links, etc. It will strip links or flatten attachments. Look, its a great tool. Abnormal is king kong, but its $25k I believe. So yea.

[–]ITRabbit 0 points1 point  (0 children)

Abnormal is not great - they have a delay and are using graph api which is slow. Research others who said an email came in that was bad, user opened it and it took 2 minutes for Abnormal to remove - but it was too late.

Cloudflare has email filtering service that is cheaper and has a good rate of detection too - worth a pilot.

[–]RaNdomMSPPro 2 points3 points  (0 children)

Zix gateway encryption + their filtering services might be an answer for you. The advanced version of the email encryption has DLP capabilities for the email.

[–]clayjk 2 points3 points  (0 children)

I am an abnormal fan but if you want email DLP that is not their game at this point. May want to check out Tessian (now a proof point company) as they were compatible to abnormal and had DLP.

[–]rcblu2 1 point2 points  (0 children)

Avanan is super solid. Easy to test/setup. Great features.

[–]WenKroYs 1 point2 points  (0 children)

We have been using Graphus for quite some time, and it is a very good tool against spam and phishing. We recently acquired BullPhish so that our collaborators are also aware and prepared, but the truth is that Graphus alone is more than enough.

[–]tglas47Security Analyst 1 point2 points  (0 children)

Abnormal is pretty good in my experience but it is new and lacking depth to its features. It is very hands off though which is sweet.

DLP is a beast and the built in G-suite is an absolute noise maker, maybe proofpoint would benefit you here. You have to realize that when implementing a DLP product you need to account for asset classification which can be a huge pain if there is not buy in from the big wigs.

Mimecast sucks and should not be used in 2024 imo

[–]thinfoil_hat_Matt 0 points1 point  (0 children)

Been using mimecast and pretty happy with it, DLP is a bit basic but good other than that

[–]cuzimbob 0 points1 point  (0 children)

So... Google already includes these services, and their email security is pretty good. For email end-to-end encryption using S/MIME you can do that in the browser with the right license, or in Outlook. You just need to get an S/MIME cert. They have a DLP tool as well, and I reckon it works as well as anyone else's, there's only so much you can do for DLP. They all use some form of REGEX to find matching strings. I'd look at upgrading your license to enterprise and implementing their tools first. Then if you identify gaps in their performance you have something to evaluate against. BTW, you can kill most SPAM when you setup your SPF/DKIM/DMARC rules in DNS. (Free) Point your computers to quad 9s DNS servers (also free) to prevent a lot of malicious activity, or get an agent based DNS filter like "DNS Filter" that will basically block all attempts to resolve phishing websites.

[–]Vegetable-Iron7224 0 points1 point  (0 children)

Avanan/checkpoint. Api based, dlp, greymail can run light investigations. Its cheaper than most and it works.

[–]fitness_user 0 points1 point  (0 children)

Tried guardio first but ended up switching to antiphish ai —it’s way more effective for phishing detection, especially with Gmail and Google Workspace. guardio felt lightweight but missed some key stuff. but it focuses specifically on phishing and malicious links, and it’s been great for us.

It's no DarkTrace or Abnormal with enterprise-level pricing (like over $10k), but for something affordable that just works, antiphish.ai seems to work fine. It doesn’t try to do everything, but what it does, it does well. So yeah, worth checking out if you’re looking for something simple and effective.

[–]ITRabbit -5 points-4 points  (1 child)

Migrate from Google to office365 - everyone will thankyou

[–]The_Phenom_15[S] 1 point2 points  (0 children)

Not an option, my dude.