We have some unique use cases that we're working on with them, like integrating their solution with Zendesk and with Shodan.

In terms of architecture, and I know that they're going to improve this, the solution needs to be much more redundant. There was an outage a month ago in AWS, and that basically stopped the service for two or three hours. Although in two years, this was the first time that something like that happened, our expectation from a company like Perception Point is that it should work with either a multi-cloud or multi-region architecture, to improve the resilience. Perception Point can find a better way to maintain availability. In this case, the AWS problem was in North America, so if Perception Point had had a region in Europe, they probably would have been able to recover much more quickly, just flip it, and that would have been it.

They could improve their anti-spam engine a little bit, because there are a lot of false positives. Sometimes, emails pass through their system but are spam. In terms of security and engines for malicious emails and antivirus, they're doing a good job. Their other engines can be improved.

This is something we discussed with them before we purchased the solution. We discussed their roadmap with their product team. The spam engine is something that they're working on. We know that their spam engine is going to improve in the very near future.

We also spoke with them about a change to the GUI so that we can release more than one email at a time. Also, if we want to open investigations into a few emails, we need to go into each email to open the investigation. When we have done onboarding within our company, there have been times when we had a lot of email that we needed to whitelist. It took a lot of time to go into each email and open a ticket. It would help if they added a feature where we could add similar emails, or more than one, to a ticket for the IR team.

There is still room for improvement with BEC. There is more work to be done by Perception Point on machine learning and neuro language as well. BEC is very difficult if you don't have a computer language looking into the content of the email and trying to make a determination through that. With BEC you often don't have an attachment or a URL. That is an area where there is certainly room for improvement.

They could add some more features or interesting stuff that we could integrate.

From a forensics point of view, it could improve a bit more from a threat intelligence aspect. So, if I find a malicious email, they could have more investigations about sources, headers, where it comes from, if they have seen it in other campaigns before, etc. I would like a little bit more from a threat intelligence point of view so I can understand who else might be affected and attacked as well as the vectors of attack.

Email alerts should be available in real-time. Alternatively, emails should be sent more often. It would be better to get between six and eight emails per day to help us understand what is happening.

At this time, we don't have an option to customize alert emails for our customers. They come directly from the vendor and we have no control over them.

The reports should be more customizable.

The only thing that can be improved in Perception Point is the in-depth analysis and attribution to cyberattack groups. This is an issue I have raised with their product team. Currently, when we get malicious content, we don't know where it came from. One of the things that worries me the most, as a sysop, is whether we are being targeted by any of the cybercrime groups. This is something that Perception Point doesn't do, so I have another cyber threat intelligence team that does the investigating. Ideally, Perception Point should offer this as part of their service.

Its websites for analysis need to be a bit more approachable for people who are less technical. Technically, it is a fire-and-forget solution. So, you want to be able to implement this solution for a lot of companies who don't have security operation teams (SOCs) behind them. You need to have something where a secretary can jump onto this console and release whatever she needs to release. Therefore, it needs to be written in a very specific non-technical language.

Dashboard is an area of concern in the solution where improvements are required. The solution also needs to consider adding DMARC to the tool and providing phishing awareness training since such initiatives can be helpful for users. Usually, I need to opt for a solution to get DMARC and receive phishing awareness training since the aforementioned aspects are not available in Perception Point Advanced Email Security.

Perception Point Advanced Email Security should make available more use cases.

Our users would like the solution to scan outgoing emails. So, if my system is compromised, and I have malicious content in my system, then there is a possibility that I send malicious email to my colleague.

There is a dependency on AWS cloud.This means if the cloud service is down, which may impact the perception point's email delivery.So it would be great if there is any HA for the solution.

I would like a user-friendly configuration, like APIs. This solution is API-friendly configuration by following the steps provided. It would be great if it could be  automate it, like the Avanan.Also, it would be good if Perception Point Advanced Email Security could have an MSP model.

During the early stages of working with this solution, there were some constraints and issues.

They can do better on the spam. Today, Perception Point is not our only solution. We have two solutions, and they are the second in line because the spam filtering is not yet the best. 

From an operational perspective, as a customer, we want to have the ability to do all the changes that we want. I don't want to have to approach the Perception Point guys, and say, "Please do: A, B, C, D." I prefer to have my guys do our customizations.

There is room for improvement in terms of adding the DLP (Data Loss Prevention) solution, which would be a good option for Perception Point to look into.

In future releases, additional features that our clients would like to see included in the next release of Perception Point are Phishing Link Protection (PLP) and security awareness training. Security awareness training used to come along with email security solutions.

We have had a few false positives, not that many, but a few. 

About 90 to 95 percent of the time, it's doing a great job but, the same as other companies, they can do better. They can add internal processes that will give an end-user the perfect solution. When I log in to the system, I can see all of the emails that were flagged as malicious. Some of them are false positives, and I get that. However, they have a feature where someone from the Incident Response team can look at an email and mark it as "verified malicious." You might think that if an engine detects it is malicious, and an IR team member has flagged it as malicious, it will definitely be malicious. But that's not always the case. Sometimes the engine detects it as malicious, and the IR team verifies that, but it's still a valid email, not a malicious one, and I have to release it manually.

But in the beginning, we had more false positives. Over time, the false positive ratio has gotten better. Instead of 20 false positives there are now about 15 false positives a month.

They need more customer engagement. The product works very well. The IR works very well when we contact them. However, day-to-day, they should have more in communication with their customers explaining new products and features. There is possibly something that if I would know about it, then I would buy and use it. Maybe I need it. They need to improve their communications.

They could provide additional data loss prevention features as we encounter different kinds of attacks in today's scenario. It leads to data losses. It would be beneficial to include such functionality.

I don't have anything bad to say about the product.

One feature that might be nice to have, and I don't know if Perception Point could actually do this, would be that when you are sending an email with sensitive information, Perception Point would either block it or trigger a message saying, "Are you sure you want to send this kind of information to these recipients?" Something like that, before you make a mistake, would be helpful. Some type of AI agent that determines what, for us, is sensitive information, would be great.

It would be helpful for Perception Point Advanced Email Security to have more integration with other solutions.

Their marketing and training need improvement. When some of their new features come out, they don't do a great job of notifying or educating us, e.g., sending emails such as, "Hey we..." 

Just to create a new customer, we used to have to go through their support team. The last time that I had a new customer, they said, "By the way, we have a new feature. You can do it yourself," and that was fine. 

They just don't do a good job of promoting themselves. They seem like a typical busy IT company who is just working on fixing problems and making technology better. However, they are not fantastic at marketing themselves to existing partners, which is not a bad thing. It is just something for improvement.

This is an option to preview an email in their console, and that could be improved. If you open the preview, then it auto scrolls. Therefore, it is hard to look at the email when it is going to the next page or scrolling. It should not have the auto-scroll.

Coming from products in the Microsoft stack, Perception Point doesn't really give you, as an admin, a lot of options to make changes yourself. It's more on their side to make changes in the back end. That's something they could improve on in the future.

Also, the search functionality is kind of tricky or buggy. When you enter some text to search, you have to scroll down to find the search button. It's a bit more friendly on the Microsoft side, or maybe I'm just more used to Microsoft. But if you copy a piece of text, like the subject of an email, and you paste it in the Perception Point search, you cannot modify it. You have to modify it before you paste it. That's just the way their text input field works. They need to pay some attention to the search functionality.

Also, you cannot really see graphs of evolution over time. You can choose various timeframes like one day, one week, one month, or a custom timeframe, but you cannot really see any evolution or compare graphs. You can't really see what the spikes were in one month. Perception Point does have a very graphical layer and they tell you, "We stopped this many emails with this layer, and we stopped this many emails at this other layer," which is very nice, but I would love to see a graph showing evolution and spikes.

I think the interface could be improved in the next release. I think making the solution more user-friendly would be helpful.