Mimecast acquires brand exploitation prevention startup
Email and data security company Mimecast has acquired Segasec, a provider of digital threat protection.
With this technology, Mimecast customers can better defend against attacks that leverage fake websites and domains for credential harvesting of their customers, employees, partners, and third-party vendors within their supply chains.
Hackers are using sophisticated techniques to target organisations of all sizes and in all industries by using their brands as bait to launch attacks.
With the acquisition of Segasec, Mimecast can provide brand exploit protection using machine learning to identify potential hackers at the earliest stages of an attack.
The solution also is engineered to provide a way to actively monitor, manage, block and take down phishing scams or impersonation attempts on the web.
The Mimecast Segasec solution is designed to enable organisations to:
- Protect employees, customers, partners and 3rd party vendors from phishing scams attempting to trick them by abusing domains that are similar to their legitimate branding;
- Identify and protect against attacks where cybercriminals have cloned a website for malicious activities against stakeholders;
- Block and take down both suspicious sites and active scams.
The acquisition of Segasec builds on Mimecast's 'Email Security 3.0' approach, which helps customers protect their organisations across three key zones:
- Zone 1, to defend against security threats trying to penetrate the organisational perimeter;
- Zone 2, for vulnerabilities and threats that exist inside the perimeter; and
- Zone 3, for attacks taking place outside the perimeter in the larger cybersphere.
Segasec's integrated solution is designed to enhance Mimecast's Zone 3 protection platform by providing a comprehensive approach to digital risk protection while also enriching its core perimeter defense systems for Zone 1 with intelligence gained from analysis of threats in the wild.
Integration of Segasec with Mimecast's email and web security services is engineered to further strengthen Mimecast's customers' cyber-resilience by enabling them to block any potentially malicious domains quickly.
The integrated solution platform is built to allow organisations to implement a comprehensive cybersecurity strategy capable of dealing with modern-day threats surrounding, inside, and beyond the perimeter.
"Every brand is vulnerable to attacks that abuse and threaten the trust that employees, customers, partners and third-party vendors have placed in them," says Mimecast CEO Peter Bauer.
"Segasec will allow our customers to take a proactive approach to identifying -- and even potentially preventing -- attacks that imitate their brands using domains they don't own, while also offering the visibility required to understand how their brands are being misused for malicious intent. Additionally, Segasec's solutions strongly complement our recent acquisition of DMARC Analyzer, which simplifies the process of protecting against abuse of domains customers do own and continues to strengthen our Email Security 3.0 approach.
Segasec's technology is designed to monitor domains on the internet for suspected malicious activity and continuously surfaces the riskiest ones.
By using machine learning and running targeted scans that identify even unknown attack patterns, the solution can help uncover both live attacks and detect upcoming ones at the earliest possible stages, often allowing customers to prevent them altogether.
Segasec also offers rapid takedown capabilities for active attacks and technology that can limit the use of stolen data.
"In today's increasingly digital economy, we rely so heavily on websites and email to interact with businesses in both our professional and personal lives," adds Segasec CEO and founder Elad Schulman.
"As such, brand exploitation has been on the rise, as cybercriminals co-opt the brands we depend on and violate our trust. The powerful combination of Mimecast and Segasec will help customers better protect their brands, customers and other external stakeholders, as well as their own employees.