Perception Point Advanced Email Security Reviews

We are today using this product for email filtering and we plan to use it later for file filtering on cloud-sharing platforms.

This solution is very effective at detecting malicious content and very fast in adapting to new threats. There have been new types of attacks which, instead of attaching malicious files to emails, have been attaching to Google Docs that are hosted on the Google Cloud. Within a couple of days, Perception Point updated the engine to a filter and block such attacks. For us, it was very beneficial because the users are not allowed to open attachments, but when people asked them to view a document on the cloud, they weren't used to it. This left them open to this type of attack.

The Perception Point incident response team acts like our own SOC team, which is important because we do not have a SOC, but rather a limited incident response team. This means that any external assistance allows us to work on the more critical areas and identify the events that we have to investigate. In general, it significantly reduces our internal workload.

When it comes to incident management, I think that the Perception Point incident analysis is very fast. It usually takes less than an hour to go back with initial reactions, and they adapt the technology very fast as well. They provide either interim solutions or full solutions to all of the incidents that are identified.

In terms of engine optimization, ever since we started working with Perception Point, we have been able to monitor improvements to their capabilities, including adaptations they have made. Moreover, our own team was able to work with the system and ask for improvements, and they've all been done very fast.

Perception Point has helped to reduce our false positive rate by approximately 90%. More generally, it has reduced the total number of alerts we get. We used to have more than 100 endpoint alerts per month and it has been reduced to individual ones. Overall, that is a greater than 90% drop in alerts.

The most valuable feature is the ability to identify malicious content and phishing emails and reduce the workload we have to do in terms of security. The quarter before we used Perception Point, we had about 400 positive identifications of malicious content being used by employees, probably getting them via email. Since using Perception Point, we have almost nothing.

The only thing that can be improved in Perception Point is the in-depth analysis and attribution to cyberattack groups. This is an issue I have raised with their product team. Currently, when we get malicious content, we don't know where it came from. One of the things that worries me the most, as a sysop, is whether we are being targeted by any of the cybercrime groups. This is something that Perception Point doesn't do, so I have another cyber threat intelligence team that does the investigating. Ideally, Perception Point should offer this as part of their service.

We have been using Perception Point Advanced Email Security for the past four or five months.

We are using it as a SaaS and since we have been using it, there have been no noticeable service interruptions.

It seems to be very scalable. It's cloud-based, so it should be able to scale nicely. We haven't done load tests because our load is not very high.

We have about 1,400 people who are protected by this product, and they work in every role that you find in an enterprise. We are located in Asia, Europe, and North America.

The technical support is very good. Most of the time, they reply within one hour.

Prior to Perception Point, we were using a solution by Barracuda. We switched because Barracuda didn't provide the capability to filter emails and block the malicious content we wanted.

The initial setup was very simple and straightforward. As we are using Perception Point as a mail relay, it only involved changing the MX record or DNS records in order to relay our email messages to Perception Point, and whitelisting the Perception Point addresses in our email systems. It was a very simple configuration, and it was up and running very fast.

We have many domains, and some of them took some time, our major domain was done first and it was completed within one day.

After deployment, it started providing value immediately. That said, it took a few weeks before we identified everything that needed to be whitelisted or blacklisted.

It requires some administration in terms of blacklisting and whitelisting rules for URLs of domains. There are some cases that the out-of-the-box solution doesn't identify properly, especially when there are misconfigurations by people that we communicate with.

I managed the deployment, but someone on my team did the technical setup.

We have seen ROI in the form of reduced security team activity, a reduction of employees clicking on phishing emails and malicious content, a reduction in the need to re-image machines that have been infected by malware, and a reduction in the incident response (IR) activities.

We were able to get reasonable pricing that matches the ROI we want, so I think that it is the correct price point.

We evaluated other solutions including Mimecast, Sasa Software, Forcepoint, and a couple more. Some of the products that we looked at didn't offer a full SaaS solution so we didn't consider them.

We didn't perform a full pilot program with the rest of the vendors because we had a situation where we wanted to deploy very quickly. We were in a dialogue with Perception Point, it performed perfectly, and we just decided to move on with them.

My advice for anybody who is considering Perception Point is that there are no false negatives and no false positives with this product. Overall, I am very happy with it.

I would rate this solution a nine out of ten.

It transports rules from our mail system to their scanning mechanism.

It is a very straightforward solution. The mail just goes through their system. They scan it, and if there are any cases of cyber threats, then they will be stopped over there. We don't really feel the system. It is like fire-and-forget.

We have an organization which mostly uses mail to communicate. Today, there are a lot of social engineering attacks that go through vectors of sending you URLs to have phony websites for credential harvesting or a URL that will inject some kind of a payload into your browser. This system actually cleans it, blocks it, or alerts the user. This is what we find to be very good and how it protects our organization. We are not using the system per se; it is just protecting us. Think about it like going with some type of a shield that actually protects you.

In our case, we have a lot of mail traffic. So, we estimate something like 20 attacks a month. However, it really depends how your organization is targeted. If your organization is a target organization, you are probably going to have more attacks. This system will prevent you from being a victim of these types of attacks.

We have only had one false positive with Perception Point Advanced Email Security.

It keeps my emails safe. This is the main feature.

The solution’s effectiveness when it comes to detection is very good. It has a very good mechanism. It scans our emails. It identifies any threat or phishing attempts and phishing campaigns as well as any bad reputation, servers, or links, then it blocks them. This is what I find to be very good about this system. This is what we are always looking for.

Its websites for analysis need to be a bit more approachable for people who are less technical. Technically, it is a fire-and-forget solution. So, you want to be able to implement this solution for a lot of companies who don't have security operation teams (SOCs) behind them. You need to have something where a secretary can jump onto this console and release whatever she needs to release. Therefore, it needs to be written in a very specific non-technical language.

I have been using it for three to four months - not very long.

It is very stable. There are no issues.

One person is needed for maintenance, e.g., if you need to release a false positive, but we haven't really had this experience yet. Otherwise, no one is needed.

I presume Perception Point Advanced Email Security was built on a robust system where you can grow with it.

The users in our organization are my technical leader and me.

The technical support team is very good. They are responsive and knowledgeable.

We are working with someone specific at Perception Point who is doing a very good job. This is important because if you have a false positive or something that needs further investigation, then you will need to use the Incident Response team. So, you want to have a very good connection with them.

The Incident Response team is very good at what they are doing when it comes to the incident responses. It is a very good company. I really recommend it.

Our previous mail system, when it came to cleaning phishing links, was not very good.

We didn't switch. We added this solution as an additional security layer. The threat of a social engineering attack, crypto viruses, and all these URLs which will download something to your computer or will redirect for credential harvesting is becoming a bigger problem. People are attacking the human factor behind the computer, not the system itself. In this case, Perception Point Advanced Email Security is a good protecting layer for these kinds of attacks.

The initial setup was a bit complex when it came to the transport rule, which was needed to create a 365 account on Microsoft. We did that with the Perception Point support team. They did this together with us. I would like this to be a little more accessible, explaining why they are doing this or put it into place.

Our deployment took half an hour to an hour. Configuration was required on Office 365.

After deployment, the solution started delivering value immediately, when it comes to stopping threats.

We worked with the Perception Point support team. Together, we opened the console.

It took just one guy to set up the transport rule on Office 365.

Perception Point Advanced Email Security has helped to reduce the number of alerts received by our endpoint layer. It blocks the URL which downloads the payloads to the machines or is alerted that the URL is suspicious. Technically, it is preventing the payload from being downloaded to our machines, then the endpoint protection is not activated.

Because of the reduction in alerts, you don't need to start running around and checking each one of the computers to see what is happening or go into the console every now and then to check it. That is not happening, since you don't have anything to check. You are actually saving on your security team management. This has saved us a couple of hours. 

It's very difficult to find return on investment when it comes to security mechanisms, because there is no return on investment until something happens. If you have a crypto virus where someone will ask you for ransomware of a million dollars, this is your return on investment. We are trying to eliminate the option for this. When you come upon this ransomware, it is already too late. So, it's very difficult to calculate the ROI on this.

It is more of an insurance policy. However, in insurance, you still have your personal fees as well as a fee if something happens, where you take part of the damage upon yourself. I think this solution is more robust and bulletproof.

When compared to other solutions on the market, it is relatively fair.

We used other solutions, like IronPort, and decided to add an additional layer.

I would advise someone, "Go and do it."

This solution is a security layer that needs to be done or implemented in any organization because of the risks that people have today when it comes to attacking human factors. This is a good blocking solution for these attack vectors.

We are considering right now to extend the solution to SharePoint and OneDrive. We are looking for the budget.

I would rate this solution as a 10 out of 10.

We use the product to safeguard your organization's email communication from various threats, particularly targeting senior-level employees. The aim is to prevent phishing attempts, spam, and other malicious attacks that often target executives or individuals accessing sensitive information.

The most valuable feature is the technical support services. They are doing a notable work. We can easily send requests to resolve issues in case of malicious attacks. Their response time is good. Additionally, the user interface is accessible. Even users from non-technical backgrounds can easily understand the status and nature of emails, whether they're spam, phishing, or malicious. This user-friendliness stands out as a significant positive point.

They could provide additional data loss prevention features as we encounter different kinds of attacks in today's scenario. It leads to data losses. It would be beneficial to include such functionality.

We have been using Perception Point Advanced Email Security for five months.

The product is stable.

The product scalability has been much appreciated. We do not encounter any lag or downtime. It doesn't impact the email flow aspect as well.

We have used Mimecast before. Their user interface was complex and complicated to navigate. During the POC, it was evident that Perception Point could detect and prevent certain malicious emails that Mimecast had missed.

We switched to Perception Point as it has better reviews than other competitors in email security scenarios.

The initial setup of Perception Point, whether deployed on-premises or in the cloud, was straightforward and efficient. The installation and configuration process took approximately an hour, including onboarding and DNS settings. Compared to other email security solutions, it was a quick setup process, requiring minimal time.

The product generates a good return on investment.

Some features related to the user interface need improvement. While the pricing for email security alone remains reasonable, their additional offerings for collaboration apps like Teams, Zoom, and other web security vendors might entail a slightly higher cost.

I rate Perception Point Advanced Email Security an eight out of ten.

We are using Perception Point Advanced Email Security for filtering or securing our email system.

The most valuable feature of Perception Point Advanced Email Security is the filtering and securing of emails.

It would be helpful for Perception Point Advanced Email Security to have more integration with other solutions.

I have been using Perception Point Advanced Email Security for approximately one year.

I rate the stability of Perception Point Advanced Email Security a nine out of ten.

We have approximately 500 secured mailboxes using this solution in my organization.

I rate the scalability of Perception Point Advanced Email Security a ten out of ten.

I did not use the support from Perception Point Advanced Email Security. However, we did use the support from the dealer we purchased the solution from.

I have previously used IRONSCALES. When comparing IRONSCALE and Perception Point Advanced Email Security, they are very similar. However, IRONSCALE is less expensive.

The price of the solution is high.

I rate the price of Perception Point Advanced Email Security a two out of ten.

I rate Perception Point Advanced Email Security a nine out of ten.

We are using it to screen all emails coming into our infrastructure and email system. So, it is screening and blocking anything noted as malicious. It tags anything noted as spam, which gives us a frontline defense on all emails coming into our organization.

The vendor’s Incident Response team is very good when it comes to incident management, improving the security of our email system immensely.

Perception Point Advanced Email Security has absolutely helped to reduce our false positive rate. We have had half a dozen or less false positives since we have started using it.

I find the solution very valuable. It does what it is supposed to do. It works. 

The solution’s effectiveness when it comes to detection is very good. It is stopping malicious emails and tagging emails noted as spam. So, we are able to disseminate those emails, get what we need, and block clearly malicious emails. It saves us a lot of valuable time. It keeps our users safe, e.g., the majority of emails that they would have gotten in the past don't even make it into their inbox.

This is an option to preview an email in their console, and that could be improved. If you open the preview, then it auto scrolls. Therefore, it is hard to look at the email when it is going to the next page or scrolling. It should not have the auto-scroll.

We have been using it since July or August of last year.

The stability is excellent. We have not had any issues connecting to the platform or with the stability of the platform.

The amount of emails that we get is steady.

We are at roughly 200 inboxes that the solution is protecting.

Their support is very good and they respond quickly. If we do have a false positive or potential false positive, we are able to work with them in a quick, timely fashion. So, if we do notice an email, and if it is a false positive, then we get that noted with them. They do a very good job of fixing any false positive so they do go through the next time. We get those fixed right away.

When there is a potential false positive or miss, we work directly with them. Then, it is sorted out very quickly. We have not had to wait to get a resolution. 

We used MDaemon as our email, Absolution, and Windows.

Because it is set up in SaaS, there is not much in the way of setup from our point of view. You just install it, then it goes.

After deployment, the solution started delivering value immediately when it came to stopping threats.

I save 30 minutes to one hour a day with this solution.

We haven't had any incidents that would compromise the company, so we haven't had to spend any time remediating anything.

We would always like it to be cheaper and save more money. However, we are getting the value from it.

We did not evaluate other options.

The solution works. There are very few false positives. It does what it is supposed to do, stopping it at the source.

The company does not plan to increase its usage in the near future.

I would rate this solution as a 10 out of 10.

The primary use case is for email security.

The most valuable feature I have found is the speed of scanning emails.

I think the interface could be improved in the next release. I think making the solution more user-friendly would be helpful.

I have been using Perception Point Advanced Email Security for the past year.

Perception Point Advanced Email Security is definitely stable for our needs.

We found Perception Point Advanced Email Security to be scalable.

Technical support is very good.

The initial setup was complex and it is similar to out-of-the-box service.

We evaluated Proofpoint, which is higher priced than Perception Point Advanced Email Security.

I would rate Perception Point Advanced Email Security an eight out ten.

We're not yet clients of Perception Point. We have been running a PoC on their email security product for about two months. My managers are still going through some steps to see if we will finalize something with them.

The main component of their product is email security and their solution has been proven to be quite good at catching the bad guys.

The solution has pretty good detection. It has some particular areas that are—if "unique" is not the right word—strong points for them. 

• It has modules to detect malware and that is a strong point.
• It has a very nice way of showing you, directly in the product, a lot of details about certain pieces of malware. It goes very deep and even shows you the assembly code.
• It also does detonations on files and shows you the results in different operating systems. That is very useful. 
• And it has pretty good capabilities for catching malware campaigns that other products are not really catching.

Coming from products in the Microsoft stack, Perception Point doesn't really give you, as an admin, a lot of options to make changes yourself. It's more on their side to make changes in the back end. That's something they could improve on in the future.

Also, the search functionality is kind of tricky or buggy. When you enter some text to search, you have to scroll down to find the search button. It's a bit more friendly on the Microsoft side, or maybe I'm just more used to Microsoft. But if you copy a piece of text, like the subject of an email, and you paste it in the Perception Point search, you cannot modify it. You have to modify it before you paste it. That's just the way their text input field works. They need to pay some attention to the search functionality.

Also, you cannot really see graphs of evolution over time. You can choose various timeframes like one day, one week, one month, or a custom timeframe, but you cannot really see any evolution or compare graphs. You can't really see what the spikes were in one month. Perception Point does have a very graphical layer and they tell you, "We stopped this many emails with this layer, and we stopped this many emails at this other layer," which is very nice, but I would love to see a graph showing evolution and spikes.

We didn't have issues where the service wasn't available. That was okay.

The only little issues that we had were on the identity side, where we would invite a person to join the sandbox that they created for us, we would give them a role, but at some point they would lose access, and we would have to do some steps again. I'm not sure why that happened. But we didn't have service interruptions or anything like that.

We ran the PoC in a way that almost all emails that had to go to Perception Point did. It handled that volume pretty well and I didn't see any kind of issues. And I don't expect to see any issues if we were to scale it even more with a bigger volume of emails. We onboarded close to 5,000 email accounts into Perception Point.

Because Perception Point is not such a big company right now, I found that they are very responsive. The account team, the team that we did the PoC with, was very friendly. They answered all of our queries and they were always there. Even if we didn't directly communicate with the IR team, the person that we were in touch with, who had connections with the IR team, was always available. He was always giving us a heads up telling us, "We caught this campaign," or asking us if we needed anything. They were very friendly, responsive, and professional.

We didn't communicate with the support team. The account team took care of anything we needed. But they were excellent.

The way we set up the PoC, just required us to set up a tiny transport rule and that was it. I'm not sure, when you put it into production as your main solution, what that process would be like. For us, having it as a second solution, on top of Defender, it was very straightforward.

We didn't let Perception Point actually stop anything in the PoC. The stopping task was still left to our main production system which is Defender. Our approach in the PoC was that we wanted to see what they would detect beyond our current solution. If I had let Perception Point stop anything, it would have stopped some pretty important campaigns in terms of malware, credential harvesting, and the like. But right now, it's just in detection mode.

During the PoC we didn't really use or talk to the Perception Point Incident Response team. We had two contact points on their side, and one of them was working closely with their IR team, but my colleagues and I didn't interact with their IR team. I know that behind the scenes the IR team was active, at some points blocking things or analyzing things.

I was the primary person who set up and tested Perception Point, in my role as senior security engineer. And one of my colleagues, who is handling email in his role as a cloud operations engineer, was involved. We also had our manager who is our director of IT, and another colleague who is a security analyst involved.

Our main email security solution is Microsoft Defender for Office 365. During the Perception Point PoC, we put the two products alongside one another, and we did see better results for some malware campaigns with Perception Point. There were some campaigns in which Defender for Office didn't catch things and Perception Point did.

We didn't really look for false positives. We were looking more to see if Perception Point could complement our detection stack. There were some things, legitimate domains that we were using, that Microsoft blocked and Perception Point didn't. If Perception Point had been our primary product, it probably wouldn't have blocked them. But in a similar way, Perception Point also blocked some stuff that was not actually malicious.

Perception Point has a very good engine for image recognition, like logos, and it was able to stop some phishing. Anyone could see they were phishing attempts, but somehow, Defender for Office 365 sometimes didn't catch them. Perception Point did, every time.

Perception Point is a good solution. It's definitely worth testing. Every customer's environment is different, and not all companies are targeted in the same way, either because they are in different industries or they have a different number of employees. But phishing is definitely a very important attack vector, and Perception Point's product is very good. It's worth giving it a try, to at least run a PoC to see how it works.

The PoC was a very good experience and, at this point, I'm just waiting for my managers to make a decision about the product.