Zero-Hour Threat Detection
As more malicious email attacks take on the form of low-volume targeted attacks, the issue of zero-hour threats is greater than ever. Emerging email security threats via low-volume, targeted attacks are more common now than ever – designed to remain undetected for as long as possible. The need to identify and assess suspicious email messages early in the outbreak cycle is critical.
Proofpoint Zero-Hour Threat Detection protects enterprises against new email security threats, such as phishing attacks and viruses as they emerge. This adds an additional layer of security threat assessment and detection over the Spam Detection, Phishing Protection, and Virus Protection layers, providing critical defense-in-depth protection.
Proofpoint Zero-Hour Threat Detection Key Capabilities:
- Defense-in-Depth: Zero-Hour Threat Detection provides an additional layer of security threat detection by assessing and identifying emerging email security threats that cannot be positively confirmed by the Spam Detection, Phishing Protection, and signature-based Virus Protection layers.
- Protection against Emerging Threats: Zero-Hour Threat Detection assesses and identifies suspicious emails and takes preventative action, keeping systems safe. By temporarily delaying email messages, more information can be gathered to make an assessment for a positive confirmation regarding the threat and then taking the appropriate action (e.g., repairing virus infected messages, moving phishing messages to the Phishing Quarantine, or moving spam messages to a Spam Quarantine)
- Minimized Administration while Reducing Overall Risk: Unlike many outbreak-filter technologies, Zero-Hour Threat Detection accurately detects and temporarily quarantines only messages associated with an emerging security threat, without stopping legitimate email. For example, instead of quarantining all emails with one specific attachment type, Proofpoint Zero-Hour Threat Detection only delays specific messages that are classified as being part of an emerging outbreak. And by delaying, rather than blocking, email messages are automatically assessed and rescanned within a short period of time, minimizing administrative overhead and reducing overall risk from zero hour attacks.