eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
Trustwave announced the latest iteration of its email security platform on Jan. 10 with the unveiling of Secure Email Gateway (SEG) 8.2.
Among the highlights in the new release is support for the Microsoft Azure Rights Management System (RMS), which is used to protect against data loss and unauthorized access. Trustwave is also integrating a dedicated business email compromise (BEC) engine into SEG 8.2 to help organizations limit the risk of email fraud.
“Trustwave SEG is a gateway software product that can be deployed with any internal company email system,” Jenny Chen, senior product manager at Trustwave, told eWEEK. “SEG provides an organization with a layered security solution to manage email content; fight advanced threats such as phishing, ransomware and business email compromise; curb spam; and transparently enforce email Acceptable Use Policy and any other regulatory compliance requirements.”
In addition to the on-premises version of SEG, Trustwave offers a separate cloud-based email security service—SEG Cloud. Chen said that Trustwave SEG Cloud is deployed by redirecting traffic and filtering mail at the internet level before it reaches the network.
Trustwave SEG is both an acquired technology and developed internally, according to Chen. Trustwave acquired SEG via its acquisition of M86 Security in March 2012. She added that the SEG engineering team from M86 is still intact and has grown since; it has been working to issue new SEG releases about every six months and are responsible for the latest innovations found in SEG 8.2.
Azure RMS
Support for Azure RMS in SEG was originally driven by a Trustwave customer requirement. Chen said the customer had chosen Microsoft Azure Information Protection and Rights Management as their comprehensive access management, classification and DLP solution and there was a need to protect it with SEG.
Initially, it was a bit of a challenge to enable support for Azure RMS, due to limited technical documentation from Microsoft, Chen said. Over time, with trial and error, Trustwave did get it all sorted out, supporting the initial customer need and now rolling out the capability to its full SEG customer set in the 8.2 update. According to Trustwave, SEG is now able to decrypt Azure RMS content, scan for malicious content and is then repackage the content, ensuring malware, malicious links and other threats are removed.
She noted that Trustwave has come across other large enterprise clients that are also starting to use RMS and fully expect to see more demand.
“As more organizations adopt RMS-type solutions, they will need their providers to support those solutions,” Chen said. “Without visibility into RMS-protected files, mail and attachments, organizations run the high risk of sensitive data leaking from their organization.”
Business Email Compromise
Business email compromise is among the most impactful types of attacks that organizations face. With BEC, attackers aim to deceive an organization into paying a fraudulent invoice. According to the FBI, between October 2013 and May 2018, there were approximately $12.5 billion in global losses due to BEC scams.
There are numerous subtleties and differences in BEC scam emails, Chen said. To detect these attacks, Trustwave created a special filter, maintained by Trustwave SpiderLabs, that targets many traits found in BEC fraud emails.
“The filter is called the BEC Fraud filter and consists of hundreds of heuristic checks and thousands of signatures of known BEC Fraud actors,” Chen said. “We have created new BEC and CEO Fraud rules available in SEG 8.2 that should be enabled to get the most comprehensive protection.”
What’s Next?
Trustwave is already working on the next iteration of its email security platform: SEG 8.3.
Chen said that among the new and enhanced features Trustwave is working on for SEG 8.3 are malware sandboxing and anomaly detection support with the ability to detect outbound email from internal infected machines and accounts. Looking out further into the roadmap, Chen said SEG 10.0 will be a major release for the platform in 2019, featuring a new web-based user interface.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.