top of page

FirstWatch Email Protection Now Available for Mail Servers

Jigsaw Security today has released our newest security protection product that is specifically designed to prevent email based attacks such as Phishing and nuisance campaigns such as Locky and Cerber ransomware. The new version of FirstWatch is specifically geared to run with your existing email platform to prevent attacks even when phishing emails make it to the end users mailbox.

The new sensor combines our already existing user interface, threat intelligence feed, DNS sinkhole service and heuristics detection to prevent email based attacks. Jigsaw Security has noted in our polling of our existing clients that one of the most common problems faced by our subscribers is email based attacks. Our sensors as always are geared to disrupt the infection chain so that even when a malicious malware containing message get's through to the end users, the disruption module will break the infection chain preventing the infection from occurring.

The sensor acts by tricking malware into connecting to our honeypot network for analysis instead of delivering the payload to the workstation that has become infected. Not only is this good for stopping threats but also allows our threat intelligence to obtain threat data much quicker. While we don't see the content of your email, we do watch what is being requested by your workstations to identify when a malicious email has arrived on an endpoint. Eliminating the need for an agent on the workstations, our solutions work by monitoring and responding to DNS request or by sending network resets over the network to stop malicious payloads from downloading even though an infection has occurred. This prevents hackers and phishing actors from being successful in stealing credentials which are typically used to then obtain unauthorized access into networks.

Why Jigsaw?

The Jigsaw Security solutions are cost effective software and hardware based solutions that actually disrupt malicious content when requesting payloads. On average a typical infection cost an organization over $10,000 per occurrence on average. Our no obligation trial of our protection services typically find infections not detected by your antivirus programs or firewalls. Using cloud computing to process millions of events per hour, Jigsaw is able to quickly and accurately find threats that others miss.

Cost Effective

As stated the average cost of a single infection in manpower to resolve to include taking the workstation off the network, imaging the workstation to ensure a clean platform for the user, forensics to determine if information has been exfiltrated during the infection and research and remediation by network security staff adds up. The Jigsaw solution cost $50,000 per year so it pays for itself after stopping only 5 infections which for the average organization is typically between 1 and 3 months time. By showing our clients what we stop and how we protected their workstations, server and network, we are easily able to cost justify our solutions.

Layered Protection

Many security products only focus in one area. The Jigsaw Protection Model was developed to provide multiple layers of protection to ensure that even if something undesirable makes it onto your workstations, the disruption mechanism in our software prevents data from leaving your network. A good example of our protection model is when a company is US based and has no customers in say China. There is no reason for large amounts of data to be leaving your network with a Chinese destination. Our software will alert you when traffic exceeds the levels of normal web browsing. So by eliminating normal traffic patterns, we are able to see when a connection to a Chinese based destination exceeds say 5MB of data in under 1 minutes time. When this occurs your security staff are alerted so they can inspect and determine why a workstation is sending your corporate secrets to locations in China. That's really not the point of this section so let's really talk about the layered approach. Many vendors concentrate on detecting malware, or inspecting network packets or abuse of network resources such as proxy servers, TOR and similar services. Jigsaw works differently by doing ALL of those functions. Our agentless DNS protection for example inspects DNS traffic to detect things like newly registered domains, fast changing domain names with patterns, large numbers of queries in a short period of time and similar activity. By disrupting infections when malware is detected we really compliment your Antivirus products. By disrupting known threats we really compliment your antivirus products.

This multi-layered defense ensures that more threats are stopped and there are less instances of legitimate services being affected.

Our FirstWatch sensors for mail servers provide you will piece of mind in knowing that when one of our customer is hit with a new variant of malware, you are instantly protected from it if it ends up trying to email your end users. Jigsaw Security mail protection ensures that you are aware of what large emails are leaving your organization and by breaking the chain of infection when something new is seen for the first time.

Call Jigsaw Security at (800)447-2150 Ext. 6 to arrange a free no obligation 30 day trial of our mail protection products.

18 views0 comments
bottom of page