Perception Point Advanced Email Security Reviews

We use it to scan email for security purposes. 

It's all cloud, there is no on-premise footprint. All the infrastructure is Perception Point infrastructure.

Judging the effectiveness of Perception Point when it comes to detection is difficult because we do not have only Perception Point in our email security flow. Perception Point is the last line of defense in our protection process, what we call a third-tier of protection. Before Perception Point, we have two layers of Microsoft in place, and those two layers filter quite a lot. We wanted to add another layer from a different vendor so that we were not only relying on Microsoft, but also because we knew Microsoft was not catching everything. That was proven through our PoC with Perception Point. Every month we catch a good number of malicious emails. Our focus is more on malicious messages than on spam, although it catches a good number of spam messages as well.

We escalate one or two emails per month that were not discovered by either Perception Point or Microsoft, so our overall effectiveness is pretty good. But Perception Point is certainly catching things that Microsoft does not catch. It is doing important work because an email that Microsoft does not catch is a risk if it gets into a user's mailbox. We are talking about 25,000 to 30,000 emails a month that Perception Point is catching that Microsoft is not yet detecting.

Also, Perception Point's Incident Response team is like an extension of our messaging team in the sense that we do not have the capacity or the resources to evaluate whether an email is malicious or not, especially for the type of volume we have. This was one of the key criteria for us when selecting a partner. With Microsoft, a lot of it is done by machine learning, but we do not have a Microsoft team making a determination about emails or a team that we can easily escalate issues to or turn to for an email security conversation. Perception Point performs a really important part of what our vision is for email security.

We have also created an integration where users are able to report phishing attempts, and those emails are scrutinized by the Perception Point Incident Response team. That is an additional benefit. They're adding value both through qualifying our emails and through reviewing messages that our users report as phishing attempts.

We have another integration between Perception Point and our endpoint solution. That is something Perception Point actually offered so that if the endpoint solution finds something where the entry point was an email, there is an automatic interaction through which Perception Point does a review and removes things from the email box. That is an added benefit.

The most valuable features of the solution are the ones that are related to finding impersonation attacks and detecting attempts to steal credentials. In scenarios where attackers get you to follow URLs to a malicious site that looks similar to a good site, and then ask for the user credentials to try to steal them, it is very useful.

It also has features for detecting branding impersonation.

And specifically, when it comes to protecting our VIPs and avoiding BEC (business email compromise) attacks, that is another important part for us.

It scans pretty much all content, so it's full-scale. We see in our dashboard how emails are categorized by different engines. There isn't just one engine that determines whether an email is malicious. They have a multi-engine architecture for detection of malicious emails. They provide full scanning of email.

There is still room for improvement with BEC. There is more work to be done by Perception Point on machine learning and neuro language as well. BEC is very difficult if you don't have a computer language looking into the content of the email and trying to make a determination through that. With BEC you often don't have an attachment or a URL. That is an area where there is certainly room for improvement.

We have been using Perception Point Advanced Email Security in production since August of this year, so more than four months. Before that, we ran a PoC and we were in pilot mode for about another six months.

We have not had any issues with the stability in production. We had some small issues during the PoC, but they did not have an impact on us because we were just in monitoring mode. And regarding the issue with Amazon this week, we were not affected, because it was in the US and we were not using the infrastructure in the US.

We haven't seen any issues with emails failing because they are delayed or in queue. We haven't been aware of a situation where users are waiting for an email. To a certain extent, it's because we are not running inline so Perception Point cannot be a bottleneck because the users have the emails in their mailboxes. A customer that runs the solution inline may have a different opinion because email will not arrive until Perception Point has processed it.

Perception Point's team in general, whether it's the support people, the management, or the sales folks that were engaged with us, have been very good. Often, when a company is at the PoC stage, they engage with you and try to demonstrate that they're good, but once you have signed a contract that might fade away. That has not been the case with Perception Point. They are very responsive and very attentive to our requests. The support has been very good.

The initial setup was in between a straightforward and a complex process. We had some hurdles at the beginning because of some issues with AWS.

Also, the way we have rolled out the solution is different from the way Perception Point normally rolls it out for its customers. In general, it is known as an inline solution, where the traffic is scanned by sending it to Perception Point, and then they send it back to the customer before it reaches the users' mailboxes. But we did not set it up that way. We rolled out in another way that became available during the pilot phase. We decided to go for that option because we felt it was less risky when it comes to the email flow. If something were to happen to Perception Point or to Amazon, like happened to Amazon a few days ago, then the email flow would be affected and require us to take action.

The way that we rolled it out is similar to what the competitors do. The email arrives into the user's mailbox and is then scanned. It then takes any necessary actions in seconds or minutes. I don't know how much Perception Point is advertising this. We were the only customer that was testing this option and then decided to go to production with it.

From a protection point of view, the inline method, which is the preferred mode, is obviously more secure, because emails will not get to the end-users until they have been scanned. In our case, end-users are receiving the emails and, in parallel, they are being analyzed. If action is required, Perception Point will take the email out from the end-user's mailboxes. There is a small period of time where the user could click on an email that is malicious. But we made the decision to roll it out in this way.

We did the rollout in phases over three weeks in the month of July. We first rolled it out to our users in Asia-Pacific, and then to our users in America, and then our users in EMEA.

In terms of time-to-value, the solution was already delivering value during the PoC. The difference was that in the PoC, the solution was just alerting us and was not taking action. However, we had an agreement with Perception Point that if we knew with certainty that emails were malicious by code, they would remove them even during the PoC. When we moved to production, Perception Point was immediately taking action.

Another difference in our rollout was that we started with a goal of avoiding a lot of false positives, using an 80 percent accuracy level for the determination of maliciousness. That meant that if the algorithms thought that there was an 80 percent chance, or above, that an email was malicious, action was taken to remove it from the user's mailbox. We started to see that happen from the very first moment we went live. The value was there from the beginning.

After months of working in production with this 80-percent-and-above threshold, we changed in November to 60 percent. In the November numbers, we see a decrease in reports from our users of phishing emails. We still have to see if this remains the case during December and January. But this could be an indication of Perception Point now catching more, before users are required to report something as phishing.

I believe we have seen ROI. We are catching emails, important emails to our VIPs. We run reports facilitated by Perception Point on the numbers, but they also provide summaries that we highlight at the end of every month about emails attacking VIPs or impersonating VIPs. We can see that if an email had not been caught it could have been really malicious. From that point of view, the return on investment is there. Even one email that gets through is already one too many, but there is no 100 percent solution. When we see that, on top of Microsoft, Perception Point is catching 25,000 to 30,000 emails, that is a good number for us. As a percentage of the volume of email that we receive overall, those numbers are small, but they're quite big if we understand that there are 30,000 emails with potentially malicious implications for our users and our company.

We ran an RFI with different solutions, but we only did a PoC with Perception Point and another competitor.

One of the main attractions for us with Perception Point was the Incident Response team. Perception Point was one of the few companies that offered that feature and it fulfilled something that we did not have: the expertise and the capacity to look into emails. The other vendors that did offer something similar charged additional money for it.

The other piece was the inline versus post-delivery issue. We actually liked the idea of inline, but our management was attracted more to the idea of the post-delivery. Perception Point gave us the flexibility to do one or the other and that also was important to us.

In addition, the company and the individuals who engaged with us at Perception Point were very good in terms of listening to us and our requests, and in many cases, implementing them very quickly. Before we had even signed, they were already giving us solutions to some of our requests. That reaction, listening to our feedback and implementing it, continues now. We checked with some Perception Point customer references and they said that type of responsiveness won't change after you sign, and that has been our experience as well. We are still in contact regularly, discussing ideas and improvements with them.

Obviously, you need to be convinced about a solution on the technical side and see good results out of a PoC, but the service and the people behind it were part of what made us go with Perception Point.

Whether you're looking at Perception Point or any other solution, the first thing to do is to find the weak areas with your current solution. Some solutions may be more targeted to a specific technology or type of threat. There are solutions that are very specialized in BEC, for example, and they're very good at BEC. So if your problem is with BEC, then maybe focus on them. Knowing your main problem will help in determining which solution to go with. Otherwise, you could be picking something that is not going to resolve your problem.

We have a hybrid Exchange environment with an on-premises email server and also Office 365. We have multiple domains and the challenge was related to the email filter. We were doing a lot of things manually and we wanted a simpler system.

As of now, we are only using this product for email. However, in the future, we may implement some of the other modules such as SharePoint, Dropbox, or other services.

Perception Point has improved the way our organization functions in many cases. For example, there are a lot of malicious files coming into the company and the previous solution that we had was not filtering them in an effective manner. When we switched to Perception Point, it became quite handy and it started detecting most of them. I would estimate that nine out of ten were being found and then blocked.

The only challenge we were facing was a small number of false positives, which was okay because we were able to handle them properly. In terms of reduction, implementing Perception Point has resulted in a 50% to 60% drop in the number of false positives that we were experiencing.

In my experience, the detection capabilities have been good. I would rate the performance an eight out of ten because it is much better than some other products I have researched. I have seen examples of it detecting malware.

The vendor's incident response team acts as an extension to our own SOC team.  This is important because we need to know exactly what is happening so that we can report it to the top management, accordingly. 

Perception Point's incident response team has aptly handled the incidents that we have had. So far, we have only had a few, so our challenges have not been great.

With respect to engine optimization, I see a lot of features being upgraded every month. The engine seems to be getting more robust. I can see the differences in this AI-based technology.

I would estimate that each day, Perception Point saves our own SOC team between one and two hours. We were spending a lot of time on security and since implementing this product, we have been able to reallocate time and put it toward other tasks.

I estimate that overall, the number of alerts that we receive at our endpoint layer has been reduced by between 40% and 50% since transitioning from our previous product. Time-wise, this saves us between an hour and two hours a day.

In terms of how long it took to begin showing value, from the perspective of a customer, I think that it took about three days before we started to notice the difference. It required no tuning or customization and it was very clear in the console. The dashboard showed everything that it was doing, making the system very transparent.

The most valuable feature is the hardware-assisted platform module. The HAP is hardware-based and does not exist in many products. It is a unique CPU technology that can detect ransomware attacks.

The notification system is helpful. We received two notifications a day, which include the false positives.

Email alerts should be available in real-time. Alternatively, emails should be sent more often. It would be better to get between six and eight emails per day to help us understand what is happening.

At this time, we don't have an option to customize alert emails for our customers. They come directly from the vendor and we have no control over them.

The reports should be more customizable.

We have been using Perception Point Advanced Email Security for less than a year.

It's a robust product and we don't have to manually intervene when it comes to filtering when we use the engine. In production, it seems to be stable and we haven't faced any downtime.

Perception Point is used throughout the organization and we have 250 devices that are protected.

Scalability-wise, we haven't explored or tested it. I think the product can be scaled in terms of adding more features. More than its security, they can add more features, like email archiving, but I'm not concerned about it.

Whether we increase our usage depends on the business. If we continue to grow then we will continue using this product and we will increase the number of users. I think that it's quite capable of scaling with us.

When we need to create reports for management, we sometimes send queries to the support team. They are very responsive and normally, they answer the same day, within a couple of hours.

In total, I have spoken with them approximately 10 times and the experience was always good. I believe that the nearest support center is in Israel, and we're approximately two hours apart, yet the response was still quick and on time. They have always been able to resolve our issues.

We had challenges with malware when we were using another on-premises product. The product was MailMarshal, by Trustwave. The first reason that we decided to switch was that it was purely a signature-based system. The second reason was the support. Simply, they did not provide the support that we needed.

We had done some brainstorming before the project, and we could see that the setup process was transparent. As such, it was straightforward and even though there was some complexity, we could see exactly what they were going to do. All things considered, it was not overly complex.

The implementation strategy did not deviate from our IT policy and it was good. They were not using the MX pointing but rather, it was another kind of shared organization policy that is hidden from the attackers. The fact that the attackers cannot directly see what we are using, and it is similar to a shadow, is one of the features that we liked.

We are a 24/7 organization so for us, the main challenge was minimizing downtime. Downtime is crucial for us and we were able to complete everything in less than six hours.

From our side, there was one IT manager and two network administrators involved in the deployment. The two network administrators continue to work with this product but in a maintenance capacity.

We have absolutely seen a return on our investment. Cost savings and technology-wise, the HAP module is the feature that gives us the biggest ROI. It is implemented in hardware and not available in a lot of systems. It is incorporated directly into our data center for multilayer protection.

The price of this solution was within our budget and I think that it will suit most SMBs. There are no additional costs beyond the standard licensing fees.

We evaluated Mimecast at the same time that we were looking at Perception Point. It is a top runner in this space and they have more services, such as mail archiving. Ultimately, we found that Perception Point is a better product. It delivers approximately the same value for what we needed, but for less cost, and pricing was one of the other constraints.

We did not implement a PoC with Mimecast, so I can't make any technical or performance comparisons based on actual usage.

The biggest lesson that I have learned from using this product is that when you use smart products in a smart way, it can save you a lot of time with respect to productivity. This in turn allows us to look at how that time can be used for other major tasks.

My advice for anybody who is thinking about implementing this product is to start with a PoC. The vendor offers a 14-day PoC, which will give you a clear idea as to exactly what is happening. From there, you can choose to proceed with it or not.

I would rate this solution a seven out of ten.

Email protection from:

1. All malicious attachments. 
2. Phishing URLs
3. Phishing and spam emails.

We work mostly with Slack for incident management with their Incident Response team. Everything is recorded, maintained, and operated in Slack. This is easier for every team, making it easier for us to stick with this solution. They are online. We show evidence. In general, we have good communication.

Email is still the first victim, e.g., it is number one for hackers to use. This is why you want to have the best protection against those attempts. The mechanism Perception Point Advanced Email Security has against malicious, phishing attempts and all these hackers' attempts via email was the main reason to use this solution. It protects the company from all the email attempts that can put the company at risk.

They can do better on the spam. Today, Perception Point is not our only solution. We have two solutions, and they are the second in line because the spam filtering is not yet the best. 

From an operational perspective, as a customer, we want to have the ability to do all the changes that we want. I don't want to have to approach the Perception Point guys, and say, "Please do: A, B, C, D." I prefer to have my guys do our customizations.

I started to use Perception Point Advanced Email Security even before my current position. So, I would have been using it for about four years.

In the four years that I worked with them, we have had maybe two downtimes. Obviously, that is a good percentage of uptime. I haven't had any big issues with them. So, the stability is very good.

Two security engineers manage the solution out of the SOC.

We started small, then we expanded. Because it is a cloud-based solution, it is very easy to scale. 

From a user perspective, there are around 7,000 mailboxes with almost 300,000 emails a day. The solution is fully deployed (100 percent).

We have used the technical support. Usually we use them when we have a false positive or false negative. It depends. We are using Slack, so they answer right away. They check and investigate it, so the technical support is quite good.

The vendor commits to the solution’s effectiveness when it comes to detection, but this is around an accuracy and detection rate of 99.5 percent. They sometimes miss and we find them. Obviously, we report them back, then they try to fix and solve them for the next time, which is a good thing. 

It is very important that the vendor’s Incident Response team work in the background and proactively help. They are also providing 24/7 support, so if something is happening while it is night, holidays, or weekends, then it is important that they will be proactive if they find something suspicious or something that requires actions. Therefore, we need them to be responsible. Some of this stuff, we can manage on our own, but there is stuff that they need to do on the back-end.

I see from time to time that Perception Point is being proactive. They approach us, and say, "Can you check this, and this?" So, it does seem that they are an extension of my incident response.

Once we report any stuff that we found, and for some reason haven't detected, they do everything very fast. It is almost real-time, and they are closing this gap. If they found something that they missed, or we told them, then they acted quickly.

We had an email protection system that wasn't as good before. Now, our block percentage is much higher. So, we have fewer incidents happening in the company. Obviously, this shows in the ROI. I don't need my guys to start dealing with all these incidents. Perception Point Advanced Email Security also provides a very good investigation report of what it was trying to do. Then, we take it and leverage it, using it to improve our detection in our protection systems. Therefore, we have increased the effectiveness of our detection against malicious attacks, plus our SOC team is not spending as much time dealing with them.

We added Perception Point Advanced Email Security. We still have Fortinet FortiMail because of the anti-spam. Fortinet is the first in line to block the spam, but they are second in line when blocking all the malicious stuff.

The initial setup was very straightforward. We did it in two phases, mostly. 

The phase one: Right away, we did all the malicious attachments. Obviously, we did it first in detection mode. After we saw there were not too many false positives, we changed it to block mode quite fast. It took one to two weeks, then we just changed it to block mode. 

The second phase was phishing URLs, which was a little more complicated than attachments. It was for detection only on URLs. We whitelisted all the legit URLs that had false positives. Once we finished with whitelisting, we enabled it on block mode. From that moment, it was quite straightforward. There were no issues. 

We can go into full production (fully live) with this solution in one month.

Sometimes, we have a URL that goes into a whitelist, but it happens once a month or something. It is a very low number. 

After deploying the solution, you can see all the blocking right away.

One security engineer deployed it out of the SOC.

For specific incidents coming via email, we have reduced our SOC team time dealing with problems by 99 percent.

Perception Point Advanced Email Security has helped us reduce our false positive rate. We currently have a 99 percent success rate with one percent false positives. 

The solution has helped to reduce the number of alerts received by our endpoint layer. We have around 99.5 percent accuracy. This has affected our security operations a lot. The ROI has been very good. My guys have spent less time on investigating incidents from the endpoint, because it was already blocked on the Perception Point level. 

They are not the most expensive vendor. There are much more expensive vendors. They are not cheap, but they are not the most expensive. They are somewhere in the middle.

The pricing is for the number of emails. There are additional costs for the number of files and scans.

I did evaluate two other solutions, Mimecast and Bitdam. Eventually, it was a combination of cost, integration, and support. I did want something that would work very fast and adjust to my needs. Also, the cost was important. We wanted something priced in the middle, not too expensive nor cheap.

Perception Point Advanced Email Security had a very good detection rate score. Obviously, that was one of the reasons we chose them eventually. It was not only because they are nice, but because the solution was top-ranked.

If you are looking for a one stop solution that will deal with all your email security, then they are probably not the perfect one because you will still need to add more tools. If you are looking to be the best in security and stop all security threats coming through via email, add this solution to your current environment and trust that they have 99.9 success rates when blocking any malicious stuff. Depending on the company, you can either add them to your portfolio or replace other solutions that are not as good as them.

You need to remember to whitelist your internal services so they will not get blocked. For example, sometimes there are internal services that the company uses. Because they are internal, and not coming from the outside, most security tools will detect them as suspicious.

I would rate this solution as a nine out of 10.

Our customers use the solution for email security in a gateway. The solution is used to block malicious items hidden inside a document or PDF file. Perception Point Advanced Email Security could also analyze affected links embedded inside PDF documents.

The solution is also used to block the email gateway. Perception Point Advanced Email Security is similar to IRONSCALES.

Perception Point Advanced Email Security should make available more use cases.

I rate Perception Point Advanced Email Security a nine out of ten for stability.

I rate Perception Point Advanced Email Security a nine out of ten for scalability.

Perception Point Advanced Email Security's technical support is excellent. The solution has 24/7 technical support that you can always contact.

Positive

The solution's initial setup is very easy. The POC would take or two; it doesn't take long.

Perception Point Advanced Email Security's deployment doesn't take long. It can be done within a week, and sometimes it takes less than a day.

Perception Point Advanced Email Security is deployed on-cloud.

Perception Point Advanced Email Security is a good solution to try. It's easy to deploy, highly scalable, and really granular. It's a solution users can use that will really help the organization.

Overall, I rate Perception Point Advanced Email Security a nine out of ten.

It's our mail relay system. We are using it to filter all our incoming emails. It's also a security platform for our SharePoint and OneDrive.

The main benefit to our company is the reduction of risks with the potential to evolve into more complex security events. The solution stops those risks before they get to the end-user. We saw, when using other solutions in the past, that some of the emails that are blocked today were passing through. The overall effectiveness of this security solution is much better.

Also, our SOC team is quite minimal, so it's very helpful for us to have an external team that assists us with handling incidents. We don't have the time or the resources to handle all of them. We are currently evolving our teams and their SOC team is more effective when reviewing things. It saves us time because we don't have to do anything within the system. We can just reach out to their IR team and they will investigate and take the relevant action. It reduces some of our load.

Their portal is very convenient, very easy to use, and very good for managing. The portal also provides a great investigation process, where we can open a ticket for each email that we think should get a second opinion. Their Incidence Response team will respond.

The solution can pull emails that have already been marked as malicious from the mailboxes. Their security engines are very effective at stopping malware and potential attacks before they reach a user's mailbox. They have the best detection engine.

When it comes to the scale of scanning, the solution looks at each email, the body and each attachment, to try to detect potential malicious links or macros. It scans everything. We feel very comfortable with that. It will not miss any email. Other companies' security engines sometimes decide on their own what should be fully scanned and what should not. With Perception Point, this is not the case. Everything is fully scanned.

They could improve their anti-spam engine a little bit, because there are a lot of false positives. Sometimes, emails pass through their system but are spam. In terms of security and engines for malicious emails and antivirus, they're doing a good job. Their other engines can be improved.

This is something we discussed with them before we purchased the solution. We discussed their roadmap with their product team. The spam engine is something that they're working on. We know that their spam engine is going to improve in the very near future.

We also spoke with them about a change to the GUI so that we can release more than one email at a time. Also, if we want to open investigations into a few emails, we need to go into each email to open the investigation. When we have done onboarding within our company, there have been times when we had a lot of email that we needed to whitelist. It took a lot of time to go into each email and open a ticket. It would help if they added a feature where we could add similar emails, or more than one, to a ticket for the IR team.

We have been using Perception Point Advanced Email Security for almost three months.

So far, we have not had any problems. We know that before we went with the system there was some downtime, but we haven't had any issues.

We are not aware of any issues with scalability.

We are protecting about 3,000 mailboxes, and growing. Part of our plan is to increase our usage of Perception Point. We have additional companies that we are working on migrating and we plan to move their email traffic under this umbrella as well.

They provide good support. If we have a problem, we create a ticket in the Perception Point system. And if there is something that we don't think can be handled through the portal, we can call or email or WhatsApp our customer success manager and everything works. He replies very quickly.

Positive

We switched from Symantec Mail Security. The reason we moved forward with Perception Point was the security portfolio. We were impressed with how very effective it is.

The initial setup was straightforward and easy. It didn't take a lot of time. If you want to add some domains, the whole process takes a maximum of one hour. We worked with their customer success manager and he was very responsive to us and available most of the time. We have a large company with a lot of mailboxes and in the first few days of the integration we were in direct contact with him by WhatsApp, by emails, or by phone. The integration process went very smoothly.

We were able to move from Symantec to this solution in one week, and the time to value was from the moment we started to use Perception Point. 

You don't measure security products on return on investment.

The licensing mechanism is fine. It's quite standard. The pricing was fair in comparison with the other solutions. We have received good value for what we paid.

We tried to use IronPort and Microsoft. We selected Perception Point because we liked their engine for detecting malicious emails. We also liked the GUI and the easy setup. Besides the effective security, which was a major part of our decision, we also thought that the total cost of ownership of the product would be better for us, as we are a very small team. Another factor was that it included SharePoint protection and that was an extra feature not available in other solutions that were just anti-spam systems.

It's hard to compare the detection rate among these solutions because all of them are doing a good job.

The best part of Perception Point was that the system is already configured for best practices. It does the job as well as it can be done. When we tried other solutions, they had to be configured down to the smallest details. And if there are any changes in the environment, we would always have to be ready to change the system configuration. Again, because we're a small team, we felt that it would be better for us to go with a system that is configured optimally.

Consider Perception Point. It is a very young company and it's evolving, so you need to be aware of that.

Some companies use it as a second tier of protection, not as the first tier like we do, because they have an additional product that does the initial filtering.

Check the solutions you are looking at against any additional needs you have because not all platforms provide the interfaces that might be required for some organizations.

If you go with Perception Point, you need to work with them to make sure you fine-tune your policies with their IR team, especially if you have an evolved SOC team. You need to make sure you coordinate efforts and that policies and decisions are made according to what your company requires.

We are currently working only with email protection. The way it's implemented in our company is that it scans 100 percent of our incoming email traffic. Perception Point has seven or eight scanning engines for detecting malicious activity, whether it's a phishing attempt, a malware attack, or any other type of cybersecurity threat. The way it's implemented is inline, so that if their engines detect something, the problematic email will be blocked and the end-user won't get it.

They also have an Incident Response team so that if something looks suspicious the IR team looks into it and approves or releases the emails. It depends on the use case.

Until we had the Perception Point, if a malicious or suspicious email got into a global user mailbox, if he didn't fall for it he would just manually send it to the security mailbox and then we would have to manually check it. Now, with the Perception Point engines scanning things automatically, it helps our security team to better see the malicious activity that has globally targeted employees.

In addition, it has reduced the number of alerts received by our endpoint layer by about 20 percent.

It saves our entire security team a lot of time and it gives our organization better protection.

What's really good about this platform is that  

• you have full visibility 
• it has a very nice and very friendly UI
• it's quick
• there's no latency in the scanning. 

I'm able to log into the system to see what's happened. I do that every day because in the company I work for things are a bit sensitive. I don't trust any solution 100 percent, so it's not just Perception Point. I like to see things myself and decide.

And the speed of scanning is very quick. The time it takes is almost nothing.

That's what we need. It pretty much gives us the perfect solution for our requirements.

In terms of their detection, if there is malware they detect it. For nine months we haven't seen more than a couple of true negatives, meaning malicious emails that did get through their scanning system. It has helped to prevent hundreds of threats.

We have had a few false positives, not that many, but a few. 

About 90 to 95 percent of the time, it's doing a great job but, the same as other companies, they can do better. They can add internal processes that will give an end-user the perfect solution. When I log in to the system, I can see all of the emails that were flagged as malicious. Some of them are false positives, and I get that. However, they have a feature where someone from the Incident Response team can look at an email and mark it as "verified malicious." You might think that if an engine detects it is malicious, and an IR team member has flagged it as malicious, it will definitely be malicious. But that's not always the case. Sometimes the engine detects it as malicious, and the IR team verifies that, but it's still a valid email, not a malicious one, and I have to release it manually.

But in the beginning, we had more false positives. Over time, the false positive ratio has gotten better. Instead of 20 false positives there are now about 15 false positives a month.

I've been using Perception Point Advanced Email Security for about eight months.

The solution is very stable. There were a few crashes but they weren't related to the solution itself. The solution is on a cloud service provider and the few times that it has crashed were because of an issue with the cloud service provider.

It's very scalable because it can give you lots of options. We are not using all  the options that are available, because we don't need them, but it can provide a very nice set of solutions.

Their technical support depends on the person I'm dealing with. I know the guys in technical support, and some of them are good and some of them have some tricky responses but, overall, they are pretty good.

Positive

This is the first solution of its kind that we are using. We started looking into tools like this because this kind of solution is a must-have tool.

The initial setup was very straightforward, very easy. It took just a few minutes and it started delivering value from the first minute.

It's used by our entire organization. In terms of maintaining the solution, it's just me and maybe one or two other guys in our whole company.

We had a PoC with another company, but Perception Point mwas better than the other product we were looking into, by far. The main difference was the management part of the platform. For me, as a platform manager, it's so easy to see and manage the entire operation. It's very easy to do stuff inside.

The detection rate was pretty much the same for both products. But we tested the other product for only about two weeks and Perception Point for about one and a half months, so that was different. The false positive rate was also pretty much the same.

This is the first product you should look into because it's really good.

If I have the option to use another feature or another product from Perception Point, I'll definitely consider them as a good player in the market, and I'll for sure start with a phone call to one of their salespeople.

We use them for email security of all our clients. We only use their email protection right now. We don't use their protection for Teams or other services. We use it strictly for email.

We get emails every time one of our customers gets a blocked email. This is something that I like to see. I probably get hundreds of emails that go to the folder for blocked emails. I see it blocking a lot of phishing emails that look like Amazon or Microsoft Office 365 logins. With common websites, people don't even think if they see a fake email. I see a lot of them getting blocked. 

Overall, I am very happy with it. We use it for ourselves and all our clients. It is rare to see something slip through. It definitely happens that there will be an email that comes through that is dangerous or junk, because no solution is 100%. For their effectiveness, I would rate them as nine or 10 out of 10.

I had a customer who was decent-sized, about $15 million a year, as we work with small businesses. This guy had no email security. I kept telling him, "Hey, I need you to buy this email security. Your employees are clicking on bad links." The guy refused to buy the software. It was only a couple hundred bucks a month, which is not much for a company of their size. Then, his accounting person got a lot of emails and clicked on one. They got hacked. The hackers got into their bank account and took about $70,000. This is an example of people who don't have email security.

Knock on wood. We haven't had a client, who uses their protection, have an email security breach. That is the best thing about what they do. We don't have to think too much. Their product just works and keeps bad emails away.

There is now real recognition from our customers about email security. A lot of people now know how dangerous email can be. Perception Point does a good job of keeping danger away.

The way that they scan all embedded links in an email. One of their features is a scan engine. It scans every link, then tries to determine if it is an active site. So, if they saw a threat and the website was down, then it is not really a threat. If there is a link in an email, they still pass the email through because they can't determine that it is a problem. However, when they scan them and see a problem, then we can see these results in the portal, which is good as well. 

If we have clients who say, "Hey, I didn't get this email," or "Look at this," we can view a lot of this information in the portal. 

With Office 365, the nice thing is that if an email does slip through, we have the feature enabled where we can notify them or log into the portal, then it will take the email out of our customer's mailboxes.

Their marketing and training need improvement. When some of their new features come out, they don't do a great job of notifying or educating us, e.g., sending emails such as, "Hey we..." 

Just to create a new customer, we used to have to go through their support team. The last time that I had a new customer, they said, "By the way, we have a new feature. You can do it yourself," and that was fine. 

They just don't do a good job of promoting themselves. They seem like a typical busy IT company who is just working on fixing problems and making technology better. However, they are not fantastic at marketing themselves to existing partners, which is not a bad thing. It is just something for improvement.

I have been using it for two to three years. We might have been one of the first IT companies to become a partner with them.

It has been very available and stable. The only time that we have had an issue in the last couple years (because they are based off Amazon's platform) was about a month ago when Amazon had that huge outage in Virginia. That was a problem.

The problem was that Amazon went down and our customers could not get their emails. However, the good news was that all the emails were saved at Amazon and Perception Point. There was a workaround. We could have removed Perception Point from our customers, but that would have removed the email security. So, when our customers called us and freaked out, saying, "I don't have it." We told them there was an Amazon outage. I said, "Listen, you can either wait until this gets fixed or we can remove the email security." All our customers said, "No, I'll wait," because they don't want their employees to get email viruses and click on them. 

Our largest customer is not very large compared to an enterprise. The solution is fine for us based on our client base.

Their support has been fantastic. We get very quick responses. With another vendor, I had to wait a week sometimes for an answer, which was crazy.

I have had a couple customers get mail bombed, getting 10,000 emails a day. It is impossible for somebody to check their email when they are getting that many. I had to reach out to Perception Point support. 

I have the cell phone of one of the top guys on the technical side. If I can't get a hold of somebody on their main number, then I can text or call him. I have had to a couple times. He gets somebody on his team to help slow down these mail bombs. I don't know if that is part of their Incident Response Team, but they have definitely done a good job when we have had some email emergencies.

Sometimes, their support is not 100% perfect. I would rate it as 9 or 10 out of 10.

Positive

We use Proofpoint and still have them as a vendor for people who have onsite email servers. 

We were trying to use both Proofpoint and Perception Point for a customer, and it didn't work. That was because of Proofpoint. So, we were stuck only with Proofpoint. 

I don't like Proofpoint. Their support has gotten better for some reason. I am not sure what has changed, but they had a period where their support was really bad and it was hard to get in contact with somebody. That has changed. It has gotten a little better, but I have had some problems recently. This was one of the reasons why I didn't want to use Proofpoint. They are a little too big and haven't given us good service as an IT company.

IRONSCALES is a big player and we tried using them. We went through demos and talked to sales engineers. I didn't see it stopping a lot of bad things, but I don't know if we had it configured correctly. We could never get it to work right. When we had issues, e.g., we had some emails that were blocked and some other problems, it took them weeks to get back to us. That is just unacceptable when you are dealing with email products.

I just didn't have good experiences with Proofpoint and IRONSCALES.

The initial deployment is easy. They have a document that shows you how to do it. Once you do it a couple times, you can repeat it easily. I have done it quite a few times. I can probably set somebody up on Office 365 in 15 minutes or less.

After deployment, the solution starts delivering value immediately, when it comes to stopping threats. As soon as you put them in place, they are scanning emails for anything bad coming through, which is a nice thing. 

People don't realize the benefit of it. When we get a new customer, we include this solution in our pricing. They don't even realize that we put it in. The first thing that our customers don't realize is they are not getting a lot of viruses or bad emails. The second is that they are staying up all the time. For example, with this other previous customer who didn't have it, they had somebody clicking a bad email almost every day. They were at risk of getting an infection, and then they had problems. We would then have to go clean it up. Their employees couldn't work because we were working on the computer where they clicked the bad email. 

For people who don't have it, they will see the benefit when they do have it. It won't interrupt your business because everything runs smoothly. You never see the bad stuff. 

It prevents downtime. A lot of our customers don't like it when their employees are not working because they are paying them to do nothing. If I have to work on somebody's computer for two hours, that is two hours when somebody is getting paid to do nothing. That is the thing that this type of solution helps with. It is really a waste of my time. Because if they had this solution, I wouldn't have to spend two hours cleaning it up.

There is room for improvement for them with an MSP partner. The pricing is good and fair. Our customers don't complain. The only thing is that it's a little bit old school. They don't have a system that automatically checks the number of users that our customers have so we can just update the licenses ourselves through a website. It is still done manually. They have a person who checks invoicing monthly to determine if there have been any changes. A nice improvement would be if they could get automated licensing counts. 

I have gone through a couple different vendors and didn't like the other products. Then, I found Perception Point. I used to know a guy who worked for them. We looked at their product, which did what we needed to do. Also, support was important for us. With some of the larger companies, I have had problems getting issues fixed that needed to be fixed in a timely manner. So, we decided to go with Perception Point, their technology, and portal, which shows us how it scans information in emails.

It keeps the bad emails out. They do the job of email security. We have been pretty lucky.

Do a demo with Perception Point and other vendors to see what you like. Everybody likes things for different reasons. One of the biggest selling points for us is the quick access to support via email and phone. That was my number one or two reason for going with them. You want a good product that protects you, and there are a lot of good products out there now, but the support is really why we went with them. If you want good support when there is a problem, think about these guys, because we didn't have good luck with some bigger companies.

I would rate this solution as 9 or 10 out of 10. We are super happy.

The primary use case is email security.

We had a situation where we had a lot of spam and phishing emails in the organization. Perception Point Advanced Email Security was the only product that helped to stop that from happening.

Perception Point Advance Email Security has helped to reduce the number of alerts received by our endpoint layer by 20%. If they couldn't do a good job in blocking the phishing emails, eventually there would be an alert. This reduces the time and effort my team needs for addressing an alert. It reduces the time that users may have to deal with an alert and stop their internal jobs. We are a law firm. So, a lot of effort needs to be spent when an alert pops up.

This is the only solution that I know, which filters emails and secures mail relay. It is scanning all our emails and gives us advanced security information about it.

The solution has helped to reduce our false positive rate.

They need more customer engagement. The product works very well. The IR works very well when we contact them. However, day-to-day, they should have more in communication with their customers explaining new products and features. There is possibly something that if I would know about it, then I would buy and use it. Maybe I need it. They need to improve their communications.

I have been using it for two years.

The stability is very good. It is very close to 100%.

We are not that big of an enterprise organization, but it suits our needs. We have more than 500 users, which is thousands of emails a day. There have been no problems with the scalability.

The Perception Point Incident Response team acts as an extension of our SOC team. This is very important for us. This is a benefit provided for their main product of scanning our emails. If Perception Point can give me IR, this is really good versus other products that do not provide this kind of service. Perception Point's service is great. They are very professional. That reduces the time that my internal SOC has to deal with my internal IT person. They just send an email to the IR team at Perception Point, who continues the investigation and blocks any emails, if necessary. This is very good because it can reduce a lot of time and effort from my team. It is like an extension of my SOC, but external.

Positive

We previously used two different products. They didn't filter all the phishing and the spam messages into my organization well enough. That was the main reason that we switched to Advanced Email Security.

We used to get suspicious emails. After deploying Perception Point Advanced Email Security, those suspicious emails were blocked and no longer being sent to our employees.

The initial setup was straightforward. There were no problems with the implementation or integration with Microsoft 365. I don't remember any false positives.

The deployment took something like a day.

After deployment, it took a week for the solution to start delivering value when it comes to stopping threats.

We cannot measure it financially, but there has been return on the investment. My employees don't need to deal with alerts or phishing messages coming into their inboxes. This is where the return on investment comes in. My SOC team doesn't need to address every phishing or spam email. This saves us time so employees can continue with their work.

Perception Point Email Security has helped save about four hours a week for our SOC, which is nice.

The pricing and licensing are very fair compared to competing companies in the same field.

Perception Point did a really good job versus the other products that we evaluated. This is one of the main reasons that we chose them.

Do not hesitate to buy this solution.

I would rate this solution as nine out of 10.