Kaspersky Strengthens Mail Server Security with Advanced Filtering and SOC Visibility
Kaspersky has announced a significant update to its Kaspersky Security for Mail Server, designed to strengthen systems against emerging email threats. The latest version of Kaspersky Security for Mail Server features advanced functionality for content filtering, quarantine management, and enhanced visibility for Security Operations Centres (SOC).
A study conducted by Kaspersky revealed that 77% of companies worldwide have experienced at least one cyber incident in the past two years, and 21% of these incidents were attributed to employees falling victim to phishing attacks. As these statistics only capture incidents where employees responded to phishing attempts, the actual volume of external attacks through corporate email is likely much higher. To address the growing email threat landscape, Kaspersky has significantly reinvigorated its Kaspersky Security for Mail Servers.
Advanced Content Filtering
The latest Kaspersky Security for Mail Servers update is enhanced with advanced content filtering capabilities. Administrators can now create complex filtering rules based on keywords present in the subject lines of emails, their main texts, as well as on the sender, and attachment names. Additionally, it now supports filtering by hidden headers in the plain text of emails.
With the new version of the product, administrators can create dictionaries of allowed keywords and prohibited ones to optimize filtering rules for different user groups, for example. Changes made to these dictionaries centrally apply to all associated filtering rules, ensuring consistency and efficiency in managing mail security.
Kaspersky Security for Mail Server now also includes DLP (Data Leak Protection) features to monitor outgoing emails for sensitive data. Administrators can create regular expressions that match patterns of certain kinds of data formats (e.g. credit card numbers) to detect and block their transmission, mitigating the risk of data leaks. Restrictions apply to sending emails to mailboxes outside the organization, but administrators can also configure a restriction on sending this type of data between specific departments within the company.
Enhanced Visibility for SOC
The latest version of Kaspersky Security for Mail Server provides SOC teams with comprehensive information on blocking events, including details of the attachments, results of their scans, and verdicts on blocked links. This enhanced visibility enables SOC analysts to better correlate events and strengthen incident response strategies.
Advanced Quarantine Management
Administrators can now benefit from advanced quarantine functionality, allowing them to view quarantined emails in their original format directly from the console. This feature simplifies the quarantine management process, providing administrators with greater transparency and control over potential mail threats.
“We’re proud to announce the latest update to our product for defending email: the main communication channel in all businesses. With its multi-layered defence mechanisms powered by machine learning algorithms and comprehensive defence systems, Kaspersky Security for Mail Server not only provides robust protection against a wide range of threats but also offers peace of mind to our clients in the face of evolving cyber risks. With this update, we’re reinforcing our commitment to delivering cutting-edge solutions that empower organizations to defend against non-standard Trojans, targeted ransomware attacks, and other emerging threats in today’s dynamic threat landscape.” comments Timofey Titkov, Head of Cloud & Network Security Product Line at Kaspersky.
For more information about Kaspersky Security for Mail Server, please follow the link.
