WIXLIB

User Self ServiceShould the occasional good message be quarantined, user self-service is facilitated from withinOutlook, web, and mobile applications. These user applications make retrieving messages simple,minimizing help desk calls. Self-learning technology and personal block and permit lists ensure thatsimilar messages are handled appropriately in the future.Key Features:MIME OS cloud security platform Centrally administered via a single, webbased administration console. Scalable, multi-tenant cloud infrastructurebacked by 100% availability SLA. Automated synchronization with ActiveDirectory for policy and access control. Monitoring dashboard for email queuesand services, with SMS and email alerting. Advanced routing capability supportingreal-time view of all SMTP connections andrejections. Detailed transmission data for every emailthat is processed by Mimecast. Full suite of user tools.Advanced Threat Protection Multi-layered malware protection againstknown and zero-day threats.weaponized attachments, with safe-fileconversion of attachments to remove anythreats and deliver instantly to users. Sophisticated protection against socialengineering, homoglyph/homographdeception and impersonation attacks. Analysis of internal and outbound emailsto protect against compromised, careless,and malicious insiders. Remediation of unsafe, unwanted,or malicious emails, automatically ormanually based on preference. SLAs: 100% virus protection; 99.5% spamprotection; 0.0001% spam false positives. Threat Feed, Mimecast’s threatintelligence API, enables you to viewMimecast information about threats toyour specific tenant and threat trends inyour region in the SIEM, TIP or SOAR ofyour choice. URL re-writing of all links in emails, withtime of click scans to protect users frommalicious sites. For customers with Internal EmailProtect (IEP), Threat Feed also facilitatesremediation or restoration of files, fromthird party platforms. Scans for and blocks malicious URLs inemail attachments. Easily consumable and actionable threatintelligence specific to your organization. Static file analysis and pre-emptiveattachment sandboxing to protect againstwww.mimecast.com 2020 Mimecast ALL RIGHTS RESERVED GL-21573

Data SheetMimecast Secure Email GatewayTargeted Threat ProtectionProven Defense Against Advanced Email-Borne AttacksMimecast Targeted Threat Protection is a fully integratedcomponent of the Mimecast Secure Email Gateway that’sdesigned to safeguard your organization and employees againstsophisticated email-borne attacks. It helps defend againstattackers trying to steal data or credentials, plant ransomware,trick employees into transferring money, or springboard toattack supply chains. These kinds of threats require advancedsecurity measures over and above those provided by traditionalemail security systems.How It Works: Emails pass through the Mimecast secure email gatewayand are scanned for the presence of URLs, attachments,key words/ phrases, and additional indicators. URLs are re-written and preemptively examined at thetime of click. Attachments are analyzed using multiple methods,including a combination of Mimecast’s patented advancedstatic file analysis, commercial AV scanning, and full systememulation sandboxing. Files can be converted to a safeformat and delivered instantly. Emails are scanned for multiple indicators of compromiseto protect against impersonation, phishing, malware, spam,and zero day attacks.URL ProtectionKey Benefits Protection from ransomware, phishing, spam,malicious URLs, and attachments. Patented protection against social engineering andimpersonation. Remediation of newly identified threats, includingemails previously delivered. In-line education to keep users alert and raiseawareness. Little to no latency so employee productivity isprotected. Granular logging and reporting to see who’s beingattacked, with what, and how often. Benchmarking data through Threat Feed,Mimecast’s threat intelligence API.Mimecast’s Secure Email Gateway with TargetedThreat Protection is designed to protect all typesof email environments, from M365 and GoogleWorkspace to on-premise and hybrid.Attachment Protectionwww.mimecast.com 2022 Mimecast All Rights Reserved GL-3799Impersonation Protection1

URL ProtectionKey CapabilitiesThe URL Protection features of Mimecast’s SecureEmail Gateway scans the destination website attime of click to block access to malicious websitesand protect from exploits.Access to malicious sites, including typo squatted domains and“lookalike” domains using non-western character sets, is blockedusing a combination of global block lists and real-time webpage analysis.URL Protection uses patented computer vision artificialintelligence to detect the logos of highly phished brands onwebsites and then checks that the digital identity of the siteis owned by that brand without relying on signatures. If not,access is blocked. This technology proactively protects againstcredential harvesting phishing attacks.Administrators can block, warn, or allow employee access towebsites. Real-time logging, auditing and reporting, including adedicated dashboard, enables administrators to monitor andtrack phishing attacks.Built-in dynamic awareness training helps develop greateruser vigilance. Administrators can define the frequency ofthese security awareness prompts, or they can be dynamicallyadjusted depending on users’ demonstrated securitycautiousness. Real-time, on-click, website scanning protectsagainst malicious websites, including delayedexploits. Mimecast’s artificial intelligence detectsphishing sites. URLs within attachments are scanned at theMimecast Secure Email Gateway. Attachmentscontaining malicious URLs are stripped frominbound emails. Protection on and off the enterprise networkfrom any device, securing a working from homeenvironment without any client side software. Dynamic awareness training helps developincreased employee caution and threat awareness. Simple, central administration and controlfor holistic policy management, monitoring,and reporting. Protection against multi-staged phishing attackswhere a malicious page can reside after a few clicks.Links attempting to directly download dangerous files areblocked and downloads are subject to the same inspection asattachments.You can also extend the protection offered by URL Protectionwith the Mimecast Browser Isolation integrated service. Itaccesses websites using remote browsers on secure serversin the Mimecast cloud and streams only safe video to the user,adding an additional layer of web protection.Email withURL linksURL links rewritten &message deliveredEmployee receives emailwith rewritten URLs soany link clicked willredirect via MimecastScanning of destinationsite upon clickActivity andaccess loggingGood siteAccess is granted ordenied based onscanning resultsEmployee clicksrewritten URLsBad siteDynamic userawarenesswww.mimecast.com 2022 Mimecast All Rights Reserved GL-37992

Attachment ProtectionKey CapabilitiesMimecast’s Secure Email Gateway deliversmulti-layered protection against attachmentswith malicious payloads, file-less attacks, andalogical exploits. Multi-layered malicious attachment protection,including static file analysis, conversion to a safeformat, and sandboxing. Pre-emptive sandboxing with static file analysis;pre-filter can be selected by administrators and forselected senders defined by end users. Safe attachments are delivered without traditionalsandboxing latency, helping maintain employeeproductivity and security. Granular reporting allows for real-timethreat analysis. The option to convert all inbound files to a safe format meansattachments can be safely delivered to employees withoutdelay – a critical first line of defense against constantly changingmalware exploits. The original file can be requested on-demand,at which time static file analysis and sandboxing are undertaken.In conjunction with URL Protect, links whichlead directly to file downloads are analyzedbefore delivery. Protection on and off the corporate network,including mobile devices. Administrators can select the most appropriate way ofprotection for different groups, or even specific users, tooptimize security without impacting productivity.A Threat Intelligence Dashboard that provides deepinsight into the malware targeting your organization. Inspection of attachments sent within theorganization when used with Internal EmailProtect, including remediation of undesirable, ormalicious content.As attackers have continued to adapt their malware tobe self-aware and recognize when it is being analyzed bytraditional, virtualized sandboxing, it’s become important toinspect attachments using multiple techniques. Our advancedpatented static file analysis breaks the attachment down tospot malicious activity at the code level, probing deeper thantraditional sandboxing can and eliminating latency. AttachmentProtection delivers the optimum combination of speed anddetection of sophisticated, evasive malware.The solution also gives you deep insights insight into themalware targeting your organization using AttachmentProtection that is incorporated into the Mimecast’s ThreatDashboard. Threat Feed, which is Mimecast’s Threat IntelligenceAPI, canbe used to benchmark against peers in your region andget a deeper understanding of threats blocked using your toolof choice.Additionally, information about malicious files identified in yourtenant by Attachment Protectis incorporated into Mimecast’sThreat Intelligence Dashboard.The Dashboard offers easilyconsumable, contextual andactionable insight into themalicious activity targetingEmail withyour organization. Through theattachmentDashboard, you can see whichusers are most at-risk, malwareorigin by geo-location, andrecently observed Indicatorsof Compromise (IoCs). You willalso have the ability to searchfor specific files or messagesif needed.Original attachmentpreservedAttachment convertedto safe file formatStatic file analysis andsandboxing on demandMajor UseMinor UseEmployee needs original attachment,which is sandboxed and analyzedstatically on-demandwww.mimecast.com 2022 Mimecast All Rights Reserved GL-3799Employee's canuse the safe versionwithout requestingthe original file3

Impersonation ProtectionKey CapabilitiesMimecast’s Secure Email Gateway deliverscomprehensive protection against socialengineering-based attacks. Often called businessemail compromise, impersonation, or whaling,these attacks are designed to evade traditional gateway checksand trick users into handing over money, company secrets,or sensitive employee information. Attackers will pose asC-level execs, supply chain partners or well-known brandsin an attempt to exploit the relationship or trust of internalemployees.Impersonation Protect detects and prevents these types ofattacks by identifying combinations of key indicators in an emailto determine if the content is suspicious, even in the absence ofa malicious URL or attachment. Real-time scanning of all inbound emails to detectheader anomalies, domain similarity, recency ofthe sending domain, sender spoofing, and suspectemail body content. External domain similarity protection to preventattackers from exploiting trusted third-partyrelationships and well-known internet brands. Inspection across various international charactersets to detect domain similarities. Administrator control over handling of emails;discard the message, quarantine it, or warn thereceiver that the email is suspicious. A Mimecast managed and Custom Targeted ThreatDictionary identifying key terms attackers use. Centralized policy management makes it easy foradministrators to manage, report and discoverattack campaigns.Indicators1. Display name 2. Similar domain3. Domain activity 4. Keywords5. Reply-to mismatchBOUNCEHOLDAdmin, Moderatoror User reviewwww.mimecast.com 2022 Mimecast All Rights Reserved GL-3799TAGMarked assuspiciousGood4

DatasheetInternal Email ProtectAdvanced protection against threatsin internal and outbound emailMimecast Internal Email Protect applies best-practicesecurity inspections to internal and outbound emailtraffic, allowing organizations to monitor, detect, andremediate security threats that originate from withintheir email systems. From compromised users whoseaccounts are being exploited by attackers toemployees who engage with malicious links or simplymake mistakes, Internal Email Protect (IEP) providesan additional layer of protection designed to keepyou secure.A 100% cloud-based service, IEP includes scanning ofattachments and URLs, as well as content inspectionsfor violations of data leak prevention policies. IEP is acomponent of Mimecast’s Targeted Threat Protectionservice, integrating seamlessly with Mimecast's fullsuite of security solutions and supporting all types ofemail environments — from M365 and GoogleWorkspace to on-premise Exchange and hybrid. Itprovides the following core capabilities:1. Journaling of internal email for the inspectionof threats: Internal Email Protect allows you tointegrate a journal feed from your email server toMimecast to conduct security checks on internaltraffic. This inspection process monitors internaland outbound email, conducts data leak preventioninspections of the content, and performs deepanalysis of attachments and URLs.2. Content remediation:When Internal Email Protect detects unsafe,undesirable, or malicious content, you have theoption to remediate this content from end-usermailboxes either automatically (i.e., the infectedemail will disappear from the inbox with an optionalnotification to the end user), or through the manualintervention of the administrator. This reduces theexposure time to malicious emails/content and alsoidentifies all instances of the malicious content (e.g.forwarded emails, distribution list recipients) to beremoved from the mailbox(es) and archive.Content remediation includes the ability to betriggered via API by orchestration and responsetools, and delivers a full log of remediation activity.www.mimecast.com 2022 MimecastALL RIGHTS RESERVED GL-3708-1Key Capabilities Provides comprehensive protection from threatsoriginating from internal and outbound email. Detects lateral movement of attacks via email fromone internal user to another. Identifies and prevents threats or sensitive data fromleaving an organization. Automates the detection and removal of internalemails that are determined to contain threats. Continuously rechecks delivered files to identifypreviously unidentified malware. Supports automatic and manual remediation ofemails determined to be malicious or undesirablepost-delivery. When used in conjunction with Mimecast WebSecurity and Security Agent, supports manuallytriggered removal of saved attachments. Provides a Threat Remediation Dashboard thatallows for search and remediation based onadministrator and/or organizational requirements. Simplifies administration with a single console acrossMimecast’s entire email security solution. Increases employees’ security awareness by notifyingthem when malicious emails are found. Designed to support all types of email environments,from M365 and Google Workspace to on-premiseExchange and hybrid.3. Threat Remediation Dashboard:Administrators may want to monitor, search,and manually remediate specific emails. Mimecastprovides a dashboard within the administrationconsole that gives you full visibility of email trafficand threats enterprise-wide, and allows searchbased on message ID and attachment file hash,as well as from and/or to address.1

Understanding the RiskIn Mimecast’s most recent State of Email Security Report1, data from Vanson Bourne showed that insiderrisk is a high priority for organizations of all types: More than 8 out of 10 respondents believe their company is at risk due to inadvertent data leaks by carelessor negligent employees.99% of participants either have or plan to install an email security system designed to defend against emailborne attacks or data leaks in internal-to-internal emails.8 in 10 companies are bracing for the fallout from an email-borne attack.However, most organizations don’t have the advanced defenses – like data leak prevention, remediation, URLinspection, and sophisticated malware detection – required to effectively protect against: Compromised insiders: External attackers take over the accounts, credentials, or systems of unsuspectingusers through credential harvesting, impersonation attacks, phishing emails, or the installation of various formsof malware. These attacks can spread when the attacker uses compromised accounts to distribute malware orsend phishing emails. Accounts can also be used to exfiltrate data. Careless insiders: These are employees who don’t fully understand or simply ignore security policies and rulesor who make innocent mistakes. Malicious and/or abusive insiders: Whether the damage is done with malicious intent or the behavior viaemail is particularly inappropriate, employees’ insider status uniquely positions them to cause significant harm.Build Trust from the InsideAs email-borne cyberattacks grow in both volume and sophistication, you need comprehensive, proven emailsecurity strategies that are as agile, smart, and adaptable as the methods used by those who seek to cause harm.Mimecast Internal Email Protect both continuously rechecks previously delivered inbound files to identify malwarethat wasn’t initially detected and allows you to automatically or manually reach back in to users’ inboxes to removeunsafe or undesirable emails. By applying world-class security protocols to ALL organizational email, you will reduceboth cost and complexity while expanding your ability to safeguard employees, intellectual property, customer data,and your organization’s brand reputation.Remove malicious & policy violating emailsAlert admin userJounal feed of internal emailsOutbound emailsEmail server cloud-basedor on-premiseAttachment inspectionwith sandboxingURL inspectionGoodContent inspectionBadInternal email users1 MimecastState of Email Security 2022www.mimecast.com 2022 MimecastALL R

Mimecast Email Security defends against malicious URLs, weaponized attachments, impersonation attacks, spam and viruses. Combined with visibility of internal email threats, automatic remediation and threat intelligence, Mimecast helps your email and security teams strengthen your cyber resilience. The Mimecast Email Security Suite includes: