Proofpoint closes acquisition of Tessian.

Request a demo
Request a demo
Request a demo
Request a demo
Request a demo

What’s new: Abuse Mailbox Response, APIs, and dashboards

Meghan Brisson • Tuesday, August 1st 2023
What’s new: Abuse Mailbox Response, APIs, and dashboards

Tessian Cloud Email Security intelligently prevents advanced email threats and protects against data loss, to strengthen email security and build smarter security cultures in modern enterprises.

Tessian is running at full speed to provide you with smarter, faster email security. Our team has been busy building and enhancing the products you know and love — making it even easier to use for security professionals. Here are the latest updates from our product team. 

Abuse Mailbox Response 

When something looks phishy, you want your end-users to hit that “report phish” button. But what happens when your security team is inundated with reported threats? 90% of user-reported emails aren’t malicious. And while it’s better safe than sorry, Tessian is releasing a product that saves security analysts precious time by automatically identifying the handful of true threats that require human attention. 

Abuse Mailbox Reponse uses machine learning to automatically classify, triage, and remediate user-reported emails so that security teams can focus on the threats that matter. It offers crowd-sourced detection, enabling automatic quarantines when multiple users report the same email threat. And it also provides custom communications options for end-users who report, making feedback loops between security and end users even stronger. 

For example, a reported email will be classified as malicious, safe, or spam based on a number of factors that extend beyond the machine learning model. How good is the user at reporting? What percentage of users have reported it? After the email is remediated, the reporter will receive a customizable, automatic response. This message encourages users to keep reporting and educates when the email was found to be safe. 

Even better, there is no change to the end-user experience during roll-out. Any existing report-phish buttons will work with the Abuse Mailbox product.  

With this product, security teams save hours a day on manual classification. It’s significantly faster than legacy systems that rely on rule-based protection and manual inspection:

  • A 5,000- user organization sees about 1,400 reported emails each month, on which they spend about 700 hours on manual investigation and remediation.
  • Tessian reduces manual review by 90%
  • Tessian accelerates investigation time by 80%  

Abuse Mailbox Response is the second product release in the Respond product line, following Investigate and Respond from April 2023.

Remediation API

We are always striving to make security analysts’ lives easier by reducing context switching, and enabling automated workflows. In this release, we’re beginning our journey toward full lifecycle email threat remediation via API, enabling analysts to remediate email based threats without leaving their SIEM/SOAR platforms. 

The API allows the  flexibility to streamline workflows in one convenient location, and eventually submit investigation outcomes to improve the detection algorithm within the same portal.

Quarantine without Notification

This product update provides even more control for security admins using Tessian Defender. At a certain confidence level, they can remove an email all together without sending a warning to the end user. This quarantine logic also creates less friction and noise for end users. Emails that do not meet the quarantine logic can be silently tracked.

New Dashboards and Dark Mode

We have also released new dashboards for unified email security reporting: 

  • Overview Insights Dashboard
  • Data Loss Prevention Dashboard
  • Threat Insights Dashboard

The overview dashboard is a simplified view, pulling results from the more detailed dashboards discussed below. 

The Data Loss Prevention Dashboard displays accidental data loss, data exfiltration, custom policies, and industry benchmarks.  

The Threat Insights Dashboard provides even more insights on the threats that Tessian is catching. You can see what email attacks bypassed your SEG and Microsoft email security. Business email compromise, account takeover, and brand impersonation attacks are displayed. And junk and spam emails can be pre-filtered from view to streamline results. 

In this dashboard, admins can view the top users being targeted by phishing attacks as well as top impersonated and malicious domains. Ever wonder how much time you’re saving using Tessian? The dashboard now offers a quantified estimate of hours saved.

 And finally, a setting our customers have been asking for — dark mode. Tessian is now available in dark mode to reduce eye strain and blue light exposure while providing flexibility for user preferences.

Meghan Brisson