Throughout this year, we saw just how quickly the threat landscape can change.
We all transitioned from the office to our homes overnight. Employees relied on email and other communication and collaboration tools more than ever. And hackers took advantage of the general fear and uncertainty around the pandemic and impersonated health care providers and government organizations.
But, at the same time, Tessian rolled out a number of important product updates to help keep our customers safe, wherever they worked.
Here are the most important product updates to Tessian’s Human Layer Security platform for 2020.
Tessian customers now have unprecedented visibility into their Human Layer risks. For example, breaking the rules, making mistakes, and being tricked.
The new HLS Intelligence (HLSI) platform automatically surfaces insights about risky employee behavior and high-risk security events, allowing security leaders to know where to focus their efforts. Customers can also benchmark their risk levels against industry peers to help them identify how and where they can improve their security posture.
Investigation and remediation are also effortless. Security teams can take immediate action, from the platform.
Finally, customers can use the Tessian API to receive real-time security events directly into their chosen SIEM or SOAR platform.
Want to learn more about HLSI? We outline all the key features of our new platform in this article.
Thanks to new features within Tessian Enforcer, customers can now automatically detect users who suddenly exfiltrate an unusually high amount of data. This allows security and compliance teams to easily spot bad leavers and insider threats, without spending time viewing and investigating individual cases of data exfiltration.
Instead, Enforcer automatically analyzes patterns and spot trends that deviate from what’s considered “normal” for a particular employee.
For example, every month, an employee might send their paycheck to their personal email account. Enforcer tracks this behavior, but no action is needed. Why? Because this data isn’t sensitive. But, one day, the employee sends fifteen sensitive emails to his personal account. Enforcer recognizes that this is unusual for the user, and alerts the compliance team, who can take appropriate action.
No manual investigation required.
Email attacks are becoming more and more advanced and it’s increasingly complicated for security teams to decide if a suspicious email is a real attack, or a legitimate business email.
Defender now surfaces insights like the geolocation of a suspicious email’s sender to help security teams identify more threats, faster.
Security teams can also speed up their workflows with advanced remediation and prevention capabilities. For example, customers can now delete malicious emails in employees’ mailboxes – directly from the Tessian portal – saving precious time and reducing risk.
And, with Defender Quarantine, customers can also use Defender to proactively prevent threats with a single-click before they enter an employee’s mailbox.
Throughout 2020, Tessian Defender’s machine learning improved to detect an ever-broader spectrum of advanced email attacks that evade legacy security systems.
Defender now protects against threats like brand impersonations and attacks where threat actors exploit Sendgrid vulnerabilities to send spoofed emails.
Tessian Enforcer also received a major upgrade, using a new Natural Language Processing (NLP) model that accurately classifies sensitive content in emails and detects topics such as financial, health, or HR data without needing to manually configure keywords or rules.
This means that customers receive significantly better protection against sensitive data-exfiltration attempts with fewer interruptions to their workflow.
Tessian doesn’t just prevent breaches in real-time. Our platform also educates users to improve their security reflexes and continually drive risk down.
Tessian customers can now educate, raise security awareness, and reinforce training and policies among their employees better than ever before, all while minimizing business interruptions.
With Tessian Defender, organizations can now educate employees who receive unusual emails that meet specified conditions. For example, security teams might choose to alert employees who receive an email from a new sender that requests money.
Although these kinds of emails aren’t necessarily malicious, you may want to make your user aware of the fact that the sender is new.
With Tessian Enforcer, companies can also choose to show users a custom warning message whenever they try to exfiltrate data, whether done maliciously or accidentally. This allows businesses to easily educate employees or remind them of existing IT policies.
Tessian has created the world’s first Human Layer Security platform and exciting developments lie ahead as we build out a holistic platform to protect people using email and, eventually, other interfaces frequently used in the workplace.
Across four modules, Tessian protects the Human Layer by detecting and preventing both inbound and outbound threats. This includes advanced spear phishing attacks, accidental data loss, and data exfiltration.
Tessian is quickly and easily deployed to Office 365, Exchange, and G-Suite, product updates are seamlessly rolled out for users and administrators, and the technology – which doesn’t disrupt workflow – was built with security and productivity in mind.