Educause Security Discussion mailing list archives
Re: Email Security Product That Supports Customer Entry of Malicious Messages
From: "Davis, Kevin" <kedavis () DAVIDSON EDU>
Date: Wed, 22 Mar 2017 21:18:50 +0000
Out of curiosity — is anyone using Office 365’s Advanced Threat Protection for URL rewrite and other capabilities, or compared it to Proofpoint? After some recent phishing we are interested in looking at both solutions but will need to be very cost-sensitive in whatever we do…. Kevin -- Kevin Davis Deputy CIO & Director, Core Services Davidson College ITS (704) 894-2405 (office) | (919) 599-8194 (mobile) From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> on behalf of "Pifer, Michael" <pifer () GRINNELL EDU<mailto:pifer () GRINNELL EDU>> Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Date: Wednesday, March 22, 2017 at 4:41 PM To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> Subject: Re: [SECURITY] Email Security Product That Supports Customer Entry of Malicious Messages Gary; Like you, we are on Proofpoint, and have had some messages not be identified as phishing early on, and end users being allowed to visit the site. I have been able to in all cases submit a ticket to Proofpoint with high priority about the link being a phishing link, and then have them back trace the users who did click the link and visit the site to follow-up with and pretty quickly block the site as a phishing site. Have you submitted this request to Proofpoint as a product enhancement feature request? I certainly will now that you have talked through the request, the ability to have more control over that aspect vs. the need to put in a ticket and wait would be very nice. Michael Pifer Information Security Technical Specialist Information Technology Services Grinnell College, Grinnell IA 50112 (641) 269-9990 http://www.grinnell.edu/its/<https://mail3.grinnell.edu/owa/redir.aspx?C=66dd17c03c7d4efba572916c487c9309&URL=http%3a%2f%2fwww.grinnell.edu%2fits%2f> Technology Services Desk (641) 269-4901 "Phishing" is a scam designed to steal your personal data. If you receive an email asking for information such as your user name and password, your Social Security number or credit card number do not supply the information requested, it is likely a phishing email. Report phishing emails received to the Services Desk at (641) 269-4901, submit a ticket at https://help.grinnell.edu or email TechnologyServicesDesk () help grinnell edu<mailto:TechnologyServicesDesk () help grinnell edu>. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Flynn, Gary - flynngn Sent: Wednesday, March 22, 2017 12:54 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Email Security Product That Supports Customer Entry of Malicious Messages Hi, We use Proofpoint and most of the time it works great. It has protected us from major attacks many times. It's URL rewrite component is missing one feature that would make it much better. As with any blacklist oriented security product, some malicious messages get through. Unfortunately, the product does not allow us to teach our appliance about those messages so it can block the URL and provide us exposure information. Is anyone aware of an email security product that supports such a feature? thanks, Gary Flynn JMU IT Security James Madison University My brain can handle preemptive and cooperative multitasking pretty well. Parallel processing, not so much.
Current thread:
- Email Security Product That Supports Customer Entry of Malicious Messages Flynn, Gary - flynngn (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Justin Harwood (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Flynn, Gary - flynngn (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Valdis Kletnieks (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Flynn, Gary - flynngn (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Pifer, Michael (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Davis, Kevin (Mar 22)
- Re: Email Security Product That Supports Customer Entry of Malicious Messages Justin Harwood (Mar 22)