Proofpoint closes acquisition of Tessian.

Request a demo
Request a demo
Request a demo
Request a demo
Request a demo

Tessian Defender API Deployment and Enhanced Quarantine Capability

Robert Slocum • Friday, March 25th 2022
Tessian Defender API Deployment and Enhanced Quarantine Capability

Tessian Cloud Email Security intelligently prevents advanced email threats and protects against data loss, to strengthen email security and build smarter security cultures in modern enterprises.

In today’s threat environment of increasing cyber threats and complexity, the email threat vector is only growing in prominence. With Tessian’s behavioral intelligence email security, we provide comprehensive protection from the most advanced email threats of today and tomorrow. This includes advanced anti-phishing protection and email data loss prevention.


We’re excited to announce the release of our new Microsoft 365 API that enables deployment of Tessian’s inbound protection in seconds, and provides unparalleled protection within hours. The seamless Microsoft 365 integration presents an opportunity to consolidate your cybersecurity stack, making it easy to displace your Secure Email Gateway for the next generation of email security, Tessian. You can download our full solution brief here


The release of the API and new advanced quarantine isolation capabilities mark yet another milestone in Tessian’s growth and solidifies its place as the Integrated Cloud Email Security (ICES) market leader – offering clients a simplified integration, to enable comprehensive email protection against the most advanced inbound threats.


Taking the effort out of integration

Where traditional gateway deployments take months, the Tessian API enables seamless integration for Microsoft 365 clients, whether on premise, in hybrid, or in cloud environments.  Deploy Tessian within seconds and protects within hours.  No configuration is required. 


API deployment simplified


The API allows deployment in 3 simple steps:


  1.    Enable connection to user mailboxes feature and select the + Defender Protection option
  2.    Grant required permission for Tessian to connect
  3.    Assign user mailboxes to the Directory Group for Tessian protection

The benefits of API deployment 

The benefits of Tessian’s API deployment include:


Low cost of effort integration and management 

  • No complex manual configurations, no MX records configuration or email rerouting needed
  • Low management overhead, enabling security teams to focus on only malicious emails
  • No manual updates required, you’re always running the latest version of our advanced threat protection


Reduced operational risk and enhanced security

  • Elimination of point-of-failure risk and negative performance impacts due to simplified architecture – does not sit-inline
  • Significantly reduced SOC burden and alert fatigue 
  • Significantly reduced false positives, filtering out the noise from the actual threats


Scaled protection on demand

  • Enterprise scalable solution but also accommodates the SMB sector
  • Simply add new users to the Directory Group 
  • Protection extends to all devices, including mobile

New levels of control and enhanced protection 


We’re also excited to announce new quarantine features as a part of the Microsoft 365 API for inbound protection providing enhanced levels of control with our advanced quarantine threat isolation capability. The two user-friendly quarantine features are designed to stop threats, without interrupting business, and were built with security admins and employees in mind. The end result: Significantly reduced SOC burden, saving resources, with only malicious emails quarantined.


Admin Quarantine: Depending on the level of enforcement threshold selected by the security admin, emails that have been determined to be malicious by Tessian’s algorithm will automatically be quarantined for further analysis. 


Soft Quarantine: Only emails with a lower probability of being malicious are sent to employees. Here, the employee receives a “defanged” copy of the email together with an in-the-moment security warning message. This enables them to decide whether to allow, or to delete the original email. 

How it works

Admin Quarantine

  • The Admin Quarantine capability automatically detects malicious emails and quarantines them on arrival. These emails have the highest probability of being malicious.
  • These emails are temporarily removed from the employee’s inbox and assigned to the security admin via an alert notification. 
  • The security admin triages the threat and can decide to release, or to delete the email from either the Tessian portal, or from the alert notification itself.


Soft Quarantine 

  • The Soft Quarantine function detects emails with a lower probability of being malicious and, instead of being sent to the security admin, they’re held in a “Soft Quarantine” or hidden folder in the employee’s email account. These emails are not sent to the “junk folder” in order to prevent accidental interaction by the employee.
  • Tessian sends a “defanged” copy of the email to the employee with an alert notification, alerting them that the flagged email is potentially malicious.
  • The “defanging” of the email effectively neutralizes hyperlinks and removes attachments, thus removing any malicious payloads and is not released until the email is determined not to be malicious. 


An example of a quarantined email

In-the-moment security training hardens your security posture in real time


We believe employees are a company’s greatest security asset. With our in-the-moment security awareness notifications, we provide the necessary contextual understanding to prompt safer behavior. Not only is each warning message contextualized to the specific threat, but it also delivers a memorable and individualized security awareness training session.


Our customers consider these warnings an extension of their security awareness training programs, which helps build a more security conscious employee base and improves the security culture, in real time.

Intelligent and comprehensive email security protects against advanced threats


The threatscape is only increasing in sophistication and scope, with threat actors continuously refining attack methods to circumvent rule-based security controls. This helps explain why social-engineering based attacks delivered via email remain the number one threat vector for attack.


Given the high success rate of email-based attacks, it is clear that legacy rule-based email security solutions are no longer capable of keeping employees and data safe. This new reality has driven the need for intelligent email security solutions that provide real time protection and threat defense capability against advanced threats.


The new Tessian API release for Microsoft 365 and quarantine functionality, together with the full capability of Tessian’s security platform provides comprehensive email security for  advanced inbound and outbound threats – giving customers peace of mind that email security is one less challenge they have to deal with. 


This is why our customers can’t imagine a world of not having Tessian in their environment. 

Want to learn more? See how Tessian prevents ransomware attacks, bolsters DLP, watch a product overview video, or book a demo.

Robert Slocum Product Marketing Director