Perception Point Advanced Email Security Reviews

We route all of our inbound emails through Perception Point to have it scan for malicious files, malicious URLs, spam—all the attack vectors that can be used via email. 

We're also using it as a sandbox, which is a new feature we started to use in the last two quarters. We use their API to send files and URLs for investigation to the Perception Point sandbox. Based on the verdict, we take action. If it's clean we keep it in the system, and if it's malicious we delete it from our system.

Perception Point has helped to reduce our false positive rate by a very good percentage, on the order of 80 percent. It has also absolutely helped to reduce the number of alerts received, by something like 95 percent. As a result, we have to manage fewer incidents due to emails containing malicious files. If the EDR is detecting it, you need to investigate it and, in some cases, to isolate the device and reimage the device. In terms of our operations, it has reduced the workload by a lot.

Almost everything is a valuable feature. Among the most important are the sandboxing and the levels of pattern and sophisticated techniques they are able to detect. As far as I know, and I've worked with another product before, Microsoft Defender for Office 365, other products are not able to detect those kinds of malicious files or URLs. Perception Point is our second layer, and it always catches them. 

Another feature that we really like, one that was introduced a few months back, is the way it categorizes threats into groups, such as Emotet, Qbot, Formbook, and the like. It's not only telling you that something is malware, but it's also giving you insight into what kind of malware, which category tried to exploit you. For a security team, this kind of information is very critical because it's a type of intelligence. You understand what you are facing and whether you are a target for a specific group of threats, and you can defend better against them.

And something that has really improved in the last few months is the Incident Response team, which comes as part of the service. The SLA is really amazing. This was the biggest advantage. When you are working with MDO or Proofpoint, for example, you will never speak to a human. You can open a case and they will reply, but we have a Slack channel with Perception Point. We can reach out to them and they answer immediately, meaning within five and 30 minutes. For us, that's like real-time when working with a vendor.

The main goal of the Incident Response team is responding to incidents, of course. But the way we use them is that when we identify a false positive, we ask them, "Hey guys, can you check why we got this false positive?" They do a great job checking and fine-tuning as a result, so that the next time it will pass through. The same goes for a true positive. What is unique about the product is that, in the end, it's not only a machine, rather there is also human interaction. A human will sometimes go over the tagging and decide that the system gave the wrong verdict. This is how they make sure that the system gets better and better all the time. In the backend, they have machine learning. But to optimize the model, somebody has to fine-tune it all the time. You cannot expect that the first model will be bulletproof, and that is the way they are doing it. That is why they are so good in this domain.

We have some unique use cases that we're working on with them, like integrating their solution with Zendesk and with Shodan.

In terms of architecture, and I know that they're going to improve this, the solution needs to be much more redundant. There was an outage a month ago in AWS, and that basically stopped the service for two or three hours. Although in two years, this was the first time that something like that happened, our expectation from a company like Perception Point is that it should work with either a multi-cloud or multi-region architecture, to improve the resilience. Perception Point can find a better way to maintain availability. In this case, the AWS problem was in North America, so if Perception Point had had a region in Europe, they probably would have been able to recover much more quickly, just flip it, and that would have been it.

I've been using Perception Point Advanced Email Security for two years.

Everything has worked as expected. It's working 99.999 percent of the time.

We get 50,000 to 100,000 emails per day and we haven't faced any scalability issues. I can't say there was a delay in emails because of this volume.

We aren't using the solution’s expanded product portfolio to protect more than just email, at this stage, but we are looking into it for the coming year.

We are also working with them with requirements from our end and we are really looking forward to a native integration with Zendesk. We believe that both companies, Zendesk and Perception Point, can benefit from that, and not just our company. Once Perception Point has an integration with Zendesk, it will impact many customers around the world in a positive way.

We haven't needed to use customer support so far.

We used FortiMail before, but it's not a next-generation email gateway.

Our initial deployment of Perception Point had some complexity, because when I started with my current company, we had on-prem Exchange and FortiMail. That made it a bit challenging. It was less an issue with Perception Point and more because of our architecture.

Once we moved to Office 365, it took two minutes. For an Office 365 customer, it's a very easy deployment.

The pricing is not cheap, but I can see the value. In security, if you are trying to save by giving up quality, that's a very bad decision. If there is high quality and it demands a high cost, you need to pay. Don't compromise on quality. If Perception Point is 99 percent accurate, and Proofpoint is 97 percent accurate but costs 20 percent less, I'll pay the extra 20 percent and sleep well at night.

We were thinking about Proofpoint. The big advantage of Perception Point is the Incident Response service. There is no product in the market that provides that kind of service. Also, although they were small when we started with them two years ago, we believed in the company and its vision. And it has proven itself. We have seen the outcome. Microsoft is 100 or 1,000 times bigger than Perception Point, but Microsoft misses so many threats that Perception Point catches. When it comes to advanced malware, there is a 20 percent difference, and that's a huge number.

If you are looking for the next generation of email gateway with an Incident Response service, select Perception Point without any second thoughts.

A few months back, I would definitely have said that the Incident Response service needed improvement, in terms of their responses and SLA, but because they really took the required action, I can't think of anything else that they should improve. I am really happy with what I have. If they maintain it, I will be a very happy customer.

We use it to scan email for security purposes. 

It's all cloud, there is no on-premise footprint. All the infrastructure is Perception Point infrastructure.

Judging the effectiveness of Perception Point when it comes to detection is difficult because we do not have only Perception Point in our email security flow. Perception Point is the last line of defense in our protection process, what we call a third-tier of protection. Before Perception Point, we have two layers of Microsoft in place, and those two layers filter quite a lot. We wanted to add another layer from a different vendor so that we were not only relying on Microsoft, but also because we knew Microsoft was not catching everything. That was proven through our PoC with Perception Point. Every month we catch a good number of malicious emails. Our focus is more on malicious messages than on spam, although it catches a good number of spam messages as well.

We escalate one or two emails per month that were not discovered by either Perception Point or Microsoft, so our overall effectiveness is pretty good. But Perception Point is certainly catching things that Microsoft does not catch. It is doing important work because an email that Microsoft does not catch is a risk if it gets into a user's mailbox. We are talking about 25,000 to 30,000 emails a month that Perception Point is catching that Microsoft is not yet detecting.

Also, Perception Point's Incident Response team is like an extension of our messaging team in the sense that we do not have the capacity or the resources to evaluate whether an email is malicious or not, especially for the type of volume we have. This was one of the key criteria for us when selecting a partner. With Microsoft, a lot of it is done by machine learning, but we do not have a Microsoft team making a determination about emails or a team that we can easily escalate issues to or turn to for an email security conversation. Perception Point performs a really important part of what our vision is for email security.

We have also created an integration where users are able to report phishing attempts, and those emails are scrutinized by the Perception Point Incident Response team. That is an additional benefit. They're adding value both through qualifying our emails and through reviewing messages that our users report as phishing attempts.

We have another integration between Perception Point and our endpoint solution. That is something Perception Point actually offered so that if the endpoint solution finds something where the entry point was an email, there is an automatic interaction through which Perception Point does a review and removes things from the email box. That is an added benefit.

The most valuable features of the solution are the ones that are related to finding impersonation attacks and detecting attempts to steal credentials. In scenarios where attackers get you to follow URLs to a malicious site that looks similar to a good site, and then ask for the user credentials to try to steal them, it is very useful.

It also has features for detecting branding impersonation.

And specifically, when it comes to protecting our VIPs and avoiding BEC (business email compromise) attacks, that is another important part for us.

It scans pretty much all content, so it's full-scale. We see in our dashboard how emails are categorized by different engines. There isn't just one engine that determines whether an email is malicious. They have a multi-engine architecture for detection of malicious emails. They provide full scanning of email.

There is still room for improvement with BEC. There is more work to be done by Perception Point on machine learning and neuro language as well. BEC is very difficult if you don't have a computer language looking into the content of the email and trying to make a determination through that. With BEC you often don't have an attachment or a URL. That is an area where there is certainly room for improvement.

We have been using Perception Point Advanced Email Security in production since August of this year, so more than four months. Before that, we ran a PoC and we were in pilot mode for about another six months.

We have not had any issues with the stability in production. We had some small issues during the PoC, but they did not have an impact on us because we were just in monitoring mode. And regarding the issue with Amazon this week, we were not affected, because it was in the US and we were not using the infrastructure in the US.

We haven't seen any issues with emails failing because they are delayed or in queue. We haven't been aware of a situation where users are waiting for an email. To a certain extent, it's because we are not running inline so Perception Point cannot be a bottleneck because the users have the emails in their mailboxes. A customer that runs the solution inline may have a different opinion because email will not arrive until Perception Point has processed it.

Perception Point's team in general, whether it's the support people, the management, or the sales folks that were engaged with us, have been very good. Often, when a company is at the PoC stage, they engage with you and try to demonstrate that they're good, but once you have signed a contract that might fade away. That has not been the case with Perception Point. They are very responsive and very attentive to our requests. The support has been very good.

Positive

The initial setup was in between a straightforward and a complex process. We had some hurdles at the beginning because of some issues with AWS.

Also, the way we have rolled out the solution is different from the way Perception Point normally rolls it out for its customers. In general, it is known as an inline solution, where the traffic is scanned by sending it to Perception Point, and then they send it back to the customer before it reaches the users' mailboxes. But we did not set it up that way. We rolled out in another way that became available during the pilot phase. We decided to go for that option because we felt it was less risky when it comes to the email flow. If something were to happen to Perception Point or to Amazon, like happened to Amazon a few days ago, then the email flow would be affected and require us to take action.

The way that we rolled it out is similar to what the competitors do. The email arrives into the user's mailbox and is then scanned. It then takes any necessary actions in seconds or minutes. I don't know how much Perception Point is advertising this. We were the only customer that was testing this option and then decided to go to production with it.

From a protection point of view, the inline method, which is the preferred mode, is obviously more secure, because emails will not get to the end-users until they have been scanned. In our case, end-users are receiving the emails and, in parallel, they are being analyzed. If action is required, Perception Point will take the email out from the end-user's mailboxes. There is a small period of time where the user could click on an email that is malicious. But we made the decision to roll it out in this way.

We did the rollout in phases over three weeks in the month of July. We first rolled it out to our users in Asia-Pacific, and then to our users in America, and then our users in EMEA.

In terms of time-to-value, the solution was already delivering value during the PoC. The difference was that in the PoC, the solution was just alerting us and was not taking action. However, we had an agreement with Perception Point that if we knew with certainty that emails were malicious by code, they would remove them even during the PoC. When we moved to production, Perception Point was immediately taking action.

Another difference in our rollout was that we started with a goal of avoiding a lot of false positives, using an 80 percent accuracy level for the determination of maliciousness. That meant that if the algorithms thought that there was an 80 percent chance, or above, that an email was malicious, action was taken to remove it from the user's mailbox. We started to see that happen from the very first moment we went live. The value was there from the beginning.

After months of working in production with this 80-percent-and-above threshold, we changed in November to 60 percent. In the November numbers, we see a decrease in reports from our users of phishing emails. We still have to see if this remains the case during December and January. But this could be an indication of Perception Point now catching more, before users are required to report something as phishing.

I believe we have seen ROI. We are catching emails, important emails to our VIPs. We run reports facilitated by Perception Point on the numbers, but they also provide summaries that we highlight at the end of every month about emails attacking VIPs or impersonating VIPs. We can see that if an email had not been caught it could have been really malicious. From that point of view, the return on investment is there. Even one email that gets through is already one too many, but there is no 100 percent solution. When we see that, on top of Microsoft, Perception Point is catching 25,000 to 30,000 emails, that is a good number for us. As a percentage of the volume of email that we receive overall, those numbers are small, but they're quite big if we understand that there are 30,000 emails with potentially malicious implications for our users and our company.

We ran an RFI with different solutions, but we only did a PoC with Perception Point and another competitor.

One of the main attractions for us with Perception Point was the Incident Response team. Perception Point was one of the few companies that offered that feature and it fulfilled something that we did not have: the expertise and the capacity to look into emails. The other vendors that did offer something similar charged additional money for it.

The other piece was the inline versus post-delivery issue. We actually liked the idea of inline, but our management was attracted more to the idea of the post-delivery. Perception Point gave us the flexibility to do one or the other and that also was important to us.

In addition, the company and the individuals who engaged with us at Perception Point were very good in terms of listening to us and our requests, and in many cases, implementing them very quickly. Before we had even signed, they were already giving us solutions to some of our requests. That reaction, listening to our feedback and implementing it, continues now. We checked with some Perception Point customer references and they said that type of responsiveness won't change after you sign, and that has been our experience as well. We are still in contact regularly, discussing ideas and improvements with them.

Obviously, you need to be convinced about a solution on the technical side and see good results out of a PoC, but the service and the people behind it were part of what made us go with Perception Point.

Whether you're looking at Perception Point or any other solution, the first thing to do is to find the weak areas with your current solution. Some solutions may be more targeted to a specific technology or type of threat. There are solutions that are very specialized in BEC, for example, and they're very good at BEC. So if your problem is with BEC, then maybe focus on them. Knowing your main problem will help in determining which solution to go with. Otherwise, you could be picking something that is not going to resolve your problem.

We have a hybrid Exchange environment with an on-premises email server and also Office 365. We have multiple domains and the challenge was related to the email filter. We were doing a lot of things manually and we wanted a simpler system.

As of now, we are only using this product for email. However, in the future, we may implement some of the other modules such as SharePoint, Dropbox, or other services.

Perception Point has improved the way our organization functions in many cases. For example, there are a lot of malicious files coming into the company and the previous solution that we had was not filtering them in an effective manner. When we switched to Perception Point, it became quite handy and it started detecting most of them. I would estimate that nine out of ten were being found and then blocked.

The only challenge we were facing was a small number of false positives, which was okay because we were able to handle them properly. In terms of reduction, implementing Perception Point has resulted in a 50% to 60% drop in the number of false positives that we were experiencing.

In my experience, the detection capabilities have been good. I would rate the performance an eight out of ten because it is much better than some other products I have researched. I have seen examples of it detecting malware.

The vendor's incident response team acts as an extension to our own SOC team.  This is important because we need to know exactly what is happening so that we can report it to the top management, accordingly. 

Perception Point's incident response team has aptly handled the incidents that we have had. So far, we have only had a few, so our challenges have not been great.

With respect to engine optimization, I see a lot of features being upgraded every month. The engine seems to be getting more robust. I can see the differences in this AI-based technology.

I would estimate that each day, Perception Point saves our own SOC team between one and two hours. We were spending a lot of time on security and since implementing this product, we have been able to reallocate time and put it toward other tasks.

I estimate that overall, the number of alerts that we receive at our endpoint layer has been reduced by between 40% and 50% since transitioning from our previous product. Time-wise, this saves us between an hour and two hours a day.

In terms of how long it took to begin showing value, from the perspective of a customer, I think that it took about three days before we started to notice the difference. It required no tuning or customization and it was very clear in the console. The dashboard showed everything that it was doing, making the system very transparent.

The most valuable feature is the hardware-assisted platform module. The HAP is hardware-based and does not exist in many products. It is a unique CPU technology that can detect ransomware attacks.

The notification system is helpful. We received two notifications a day, which include the false positives.

Email alerts should be available in real-time. Alternatively, emails should be sent more often. It would be better to get between six and eight emails per day to help us understand what is happening.

At this time, we don't have an option to customize alert emails for our customers. They come directly from the vendor and we have no control over them.

The reports should be more customizable.

We have been using Perception Point Advanced Email Security for less than a year.

It's a robust product and we don't have to manually intervene when it comes to filtering when we use the engine. In production, it seems to be stable and we haven't faced any downtime.

Perception Point is used throughout the organization and we have 250 devices that are protected.

Scalability-wise, we haven't explored or tested it. I think the product can be scaled in terms of adding more features. More than its security, they can add more features, like email archiving, but I'm not concerned about it.

Whether we increase our usage depends on the business. If we continue to grow then we will continue using this product and we will increase the number of users. I think that it's quite capable of scaling with us.

When we need to create reports for management, we sometimes send queries to the support team. They are very responsive and normally, they answer the same day, within a couple of hours.

In total, I have spoken with them approximately 10 times and the experience was always good. I believe that the nearest support center is in Israel, and we're approximately two hours apart, yet the response was still quick and on time. They have always been able to resolve our issues.

We had challenges with malware when we were using another on-premises product. The product was MailMarshal, by Trustwave. The first reason that we decided to switch was that it was purely a signature-based system. The second reason was the support. Simply, they did not provide the support that we needed.

We had done some brainstorming before the project, and we could see that the setup process was transparent. As such, it was straightforward and even though there was some complexity, we could see exactly what they were going to do. All things considered, it was not overly complex.

The implementation strategy did not deviate from our IT policy and it was good. They were not using the MX pointing but rather, it was another kind of shared organization policy that is hidden from the attackers. The fact that the attackers cannot directly see what we are using, and it is similar to a shadow, is one of the features that we liked.

We are a 24/7 organization so for us, the main challenge was minimizing downtime. Downtime is crucial for us and we were able to complete everything in less than six hours.

From our side, there was one IT manager and two network administrators involved in the deployment. The two network administrators continue to work with this product but in a maintenance capacity.

We have absolutely seen a return on our investment. Cost savings and technology-wise, the HAP module is the feature that gives us the biggest ROI. It is implemented in hardware and not available in a lot of systems. It is incorporated directly into our data center for multilayer protection.

The price of this solution was within our budget and I think that it will suit most SMBs. There are no additional costs beyond the standard licensing fees.

We evaluated Mimecast at the same time that we were looking at Perception Point. It is a top runner in this space and they have more services, such as mail archiving. Ultimately, we found that Perception Point is a better product. It delivers approximately the same value for what we needed, but for less cost, and pricing was one of the other constraints.

We did not implement a PoC with Mimecast, so I can't make any technical or performance comparisons based on actual usage.

The biggest lesson that I have learned from using this product is that when you use smart products in a smart way, it can save you a lot of time with respect to productivity. This in turn allows us to look at how that time can be used for other major tasks.

My advice for anybody who is thinking about implementing this product is to start with a PoC. The vendor offers a 14-day PoC, which will give you a clear idea as to exactly what is happening. From there, you can choose to proceed with it or not.

I would rate this solution a seven out of ten.

Email protection from:

1. All malicious attachments. 
2. Phishing URLs
3. Phishing and spam emails.

We work mostly with Slack for incident management with their Incident Response team. Everything is recorded, maintained, and operated in Slack. This is easier for every team, making it easier for us to stick with this solution. They are online. We show evidence. In general, we have good communication.

Email is still the first victim, e.g., it is number one for hackers to use. This is why you want to have the best protection against those attempts. The mechanism Perception Point Advanced Email Security has against malicious, phishing attempts and all these hackers' attempts via email was the main reason to use this solution. It protects the company from all the email attempts that can put the company at risk.

They can do better on the spam. Today, Perception Point is not our only solution. We have two solutions, and they are the second in line because the spam filtering is not yet the best. 

From an operational perspective, as a customer, we want to have the ability to do all the changes that we want. I don't want to have to approach the Perception Point guys, and say, "Please do: A, B, C, D." I prefer to have my guys do our customizations.

I started to use Perception Point Advanced Email Security even before my current position. So, I would have been using it for about four years.

In the four years that I worked with them, we have had maybe two downtimes. Obviously, that is a good percentage of uptime. I haven't had any big issues with them. So, the stability is very good.

Two security engineers manage the solution out of the SOC.

We started small, then we expanded. Because it is a cloud-based solution, it is very easy to scale. 

From a user perspective, there are around 7,000 mailboxes with almost 300,000 emails a day. The solution is fully deployed (100 percent).

We have used the technical support. Usually we use them when we have a false positive or false negative. It depends. We are using Slack, so they answer right away. They check and investigate it, so the technical support is quite good.

The vendor commits to the solution’s effectiveness when it comes to detection, but this is around an accuracy and detection rate of 99.5 percent. They sometimes miss and we find them. Obviously, we report them back, then they try to fix and solve them for the next time, which is a good thing. 

It is very important that the vendor’s Incident Response team work in the background and proactively help. They are also providing 24/7 support, so if something is happening while it is night, holidays, or weekends, then it is important that they will be proactive if they find something suspicious or something that requires actions. Therefore, we need them to be responsible. Some of this stuff, we can manage on our own, but there is stuff that they need to do on the back-end.

I see from time to time that Perception Point is being proactive. They approach us, and say, "Can you check this, and this?" So, it does seem that they are an extension of my incident response.

Once we report any stuff that we found, and for some reason haven't detected, they do everything very fast. It is almost real-time, and they are closing this gap. If they found something that they missed, or we told them, then they acted quickly.

We had an email protection system that wasn't as good before. Now, our block percentage is much higher. So, we have fewer incidents happening in the company. Obviously, this shows in the ROI. I don't need my guys to start dealing with all these incidents. Perception Point Advanced Email Security also provides a very good investigation report of what it was trying to do. Then, we take it and leverage it, using it to improve our detection in our protection systems. Therefore, we have increased the effectiveness of our detection against malicious attacks, plus our SOC team is not spending as much time dealing with them.

We added Perception Point Advanced Email Security. We still have Fortinet FortiMail because of the anti-spam. Fortinet is the first in line to block the spam, but they are second in line when blocking all the malicious stuff.

The initial setup was very straightforward. We did it in two phases, mostly. 

The phase one: Right away, we did all the malicious attachments. Obviously, we did it first in detection mode. After we saw there were not too many false positives, we changed it to block mode quite fast. It took one to two weeks, then we just changed it to block mode. 

The second phase was phishing URLs, which was a little more complicated than attachments. It was for detection only on URLs. We whitelisted all the legit URLs that had false positives. Once we finished with whitelisting, we enabled it on block mode. From that moment, it was quite straightforward. There were no issues. 

We can go into full production (fully live) with this solution in one month.

Sometimes, we have a URL that goes into a whitelist, but it happens once a month or something. It is a very low number. 

After deploying the solution, you can see all the blocking right away.

One security engineer deployed it out of the SOC.

For specific incidents coming via email, we have reduced our SOC team time dealing with problems by 99 percent.

Perception Point Advanced Email Security has helped us reduce our false positive rate. We currently have a 99 percent success rate with one percent false positives. 

The solution has helped to reduce the number of alerts received by our endpoint layer. We have around 99.5 percent accuracy. This has affected our security operations a lot. The ROI has been very good. My guys have spent less time on investigating incidents from the endpoint, because it was already blocked on the Perception Point level. 

They are not the most expensive vendor. There are much more expensive vendors. They are not cheap, but they are not the most expensive. They are somewhere in the middle.

The pricing is for the number of emails. There are additional costs for the number of files and scans.

I did evaluate two other solutions, Mimecast and Bitdam. Eventually, it was a combination of cost, integration, and support. I did want something that would work very fast and adjust to my needs. Also, the cost was important. We wanted something priced in the middle, not too expensive nor cheap.

Perception Point Advanced Email Security had a very good detection rate score. Obviously, that was one of the reasons we chose them eventually. It was not only because they are nice, but because the solution was top-ranked.

If you are looking for a one stop solution that will deal with all your email security, then they are probably not the perfect one because you will still need to add more tools. If you are looking to be the best in security and stop all security threats coming through via email, add this solution to your current environment and trust that they have 99.9 success rates when blocking any malicious stuff. Depending on the company, you can either add them to your portfolio or replace other solutions that are not as good as them.

You need to remember to whitelist your internal services so they will not get blocked. For example, sometimes there are internal services that the company uses. Because they are internal, and not coming from the outside, most security tools will detect them as suspicious.

I would rate this solution as a nine out of 10.

Our customers use the solution for email security in a gateway. The solution is used to block malicious items hidden inside a document or PDF file. Perception Point Advanced Email Security could also analyze affected links embedded inside PDF documents.

The solution is also used to block the email gateway. Perception Point Advanced Email Security is similar to IRONSCALES.

Perception Point Advanced Email Security should make available more use cases.

I rate Perception Point Advanced Email Security a nine out of ten for stability.

I rate Perception Point Advanced Email Security a nine out of ten for scalability.

Perception Point Advanced Email Security's technical support is excellent. The solution has 24/7 technical support that you can always contact.

Positive

The solution's initial setup is very easy. The POC would take or two; it doesn't take long.

Perception Point Advanced Email Security's deployment doesn't take long. It can be done within a week, and sometimes it takes less than a day.

Perception Point Advanced Email Security is deployed on-cloud.

Perception Point Advanced Email Security is a good solution to try. It's easy to deploy, highly scalable, and really granular. It's a solution users can use that will really help the organization.

Overall, I rate Perception Point Advanced Email Security a nine out of ten.

We are currently working only with email protection. The way it's implemented in our company is that it scans 100 percent of our incoming email traffic. Perception Point has seven or eight scanning engines for detecting malicious activity, whether it's a phishing attempt, a malware attack, or any other type of cybersecurity threat. The way it's implemented is inline, so that if their engines detect something, the problematic email will be blocked and the end-user won't get it.

They also have an Incident Response team so that if something looks suspicious the IR team looks into it and approves or releases the emails. It depends on the use case.

Until we had the Perception Point, if a malicious or suspicious email got into a global user mailbox, if he didn't fall for it he would just manually send it to the security mailbox and then we would have to manually check it. Now, with the Perception Point engines scanning things automatically, it helps our security team to better see the malicious activity that has globally targeted employees.

In addition, it has reduced the number of alerts received by our endpoint layer by about 20 percent.

It saves our entire security team a lot of time and it gives our organization better protection.

What's really good about this platform is that  

• you have full visibility 
• it has a very nice and very friendly UI
• it's quick
• there's no latency in the scanning. 

I'm able to log into the system to see what's happened. I do that every day because in the company I work for things are a bit sensitive. I don't trust any solution 100 percent, so it's not just Perception Point. I like to see things myself and decide.

And the speed of scanning is very quick. The time it takes is almost nothing.

That's what we need. It pretty much gives us the perfect solution for our requirements.

In terms of their detection, if there is malware they detect it. For nine months we haven't seen more than a couple of true negatives, meaning malicious emails that did get through their scanning system. It has helped to prevent hundreds of threats.

We have had a few false positives, not that many, but a few. 

About 90 to 95 percent of the time, it's doing a great job but, the same as other companies, they can do better. They can add internal processes that will give an end-user the perfect solution. When I log in to the system, I can see all of the emails that were flagged as malicious. Some of them are false positives, and I get that. However, they have a feature where someone from the Incident Response team can look at an email and mark it as "verified malicious." You might think that if an engine detects it is malicious, and an IR team member has flagged it as malicious, it will definitely be malicious. But that's not always the case. Sometimes the engine detects it as malicious, and the IR team verifies that, but it's still a valid email, not a malicious one, and I have to release it manually.

But in the beginning, we had more false positives. Over time, the false positive ratio has gotten better. Instead of 20 false positives there are now about 15 false positives a month.

I've been using Perception Point Advanced Email Security for about eight months.

The solution is very stable. There were a few crashes but they weren't related to the solution itself. The solution is on a cloud service provider and the few times that it has crashed were because of an issue with the cloud service provider.

It's very scalable because it can give you lots of options. We are not using all  the options that are available, because we don't need them, but it can provide a very nice set of solutions.

Their technical support depends on the person I'm dealing with. I know the guys in technical support, and some of them are good and some of them have some tricky responses but, overall, they are pretty good.

Positive

This is the first solution of its kind that we are using. We started looking into tools like this because this kind of solution is a must-have tool.

The initial setup was very straightforward, very easy. It took just a few minutes and it started delivering value from the first minute.

It's used by our entire organization. In terms of maintaining the solution, it's just me and maybe one or two other guys in our whole company.

We had a PoC with another company, but Perception Point mwas better than the other product we were looking into, by far. The main difference was the management part of the platform. For me, as a platform manager, it's so easy to see and manage the entire operation. It's very easy to do stuff inside.

The detection rate was pretty much the same for both products. But we tested the other product for only about two weeks and Perception Point for about one and a half months, so that was different. The false positive rate was also pretty much the same.

This is the first product you should look into because it's really good.

If I have the option to use another feature or another product from Perception Point, I'll definitely consider them as a good player in the market, and I'll for sure start with a phone call to one of their salespeople.

Our primary use case is to secure our email channel. We're using Perception Point only for our email users.

Among the most valuable benefits are the results we have seen from the detection engine. Since implementing Perception Point, we have had zero suspicious emails coming into our inbox. We have seen a 100 percent decrease in attempts.

And there have been no false positives. There have been no cases where we could not see emails, due to Perception Point mistakenly blocking them, that we should be able to see. Everything is working as it should.

One of the most valuable features is the service provided by the incident response team. There have been cases where we have suspected that emails were fraudulent or something was suspicious. In those cases, we immediately contacted the incident response team through the platform, and we had a response in less than a minute. They confirmed that those emails were not fraudulent, and we were able to continue with those emails. The response and the capability and the professionalism of the team have been some of the good aspects. It has been very positive on the customer service side.

I don't have anything bad to say about the product.

One feature that might be nice to have, and I don't know if Perception Point could actually do this, would be that when you are sending an email with sensitive information, Perception Point would either block it or trigger a message saying, "Are you sure you want to send this kind of information to these recipients?" Something like that, before you make a mistake, would be helpful. Some type of AI agent that determines what, for us, is sensitive information, would be great.

We've been using Perception Point Advanced Email Security for exactly one year.

We haven't seen any hiccups. We've had full usability and haven't seen anything that was not working or that impacted our business operations. We have seen 100 percent uptime.

It's hard for me to talk about scalability because we only have about 15 employees. So in our case there are no scalability issues. But I know customers, friends of mine, whose companies have tens of thousand employees and use Perception Point, and they have had the same feedback about scalability: no scalability issues.

We used Microsoft ATP.

Before Perception Point, we had a high number of malicious emails coming in; constant attacks and nothing was blocking them, including phishing attacks and account-information takeover attempts. Because we're a financial institution, we were very much at risk of having funds wired to a fraudulent account. We noted numerous attempts. As a result, we researched the market and we chose Perception Point for our email channel.

I was working closely with our IT manager at the time of the deployment, and it took us less than five minutes to configure Perception Point for all of our employees. There are about 15 of us in the company, but it was super-fast and super-easy. It didn't affect our work at all. And we saw immediate impact, meaning after five minutes we were up and running, and we actually saw impact and improvements the same day.

The time to value, in terms of the solution stopping threats was between minutes and hours. It depends on when the malicious email was sent, but it really was immediate.

The pricing compared to the value Perception Point brings is super-competitive. They're not the cheapest in the market, but the value and the quality of the product are superior to anything else in the market, so we don't mind paying more for it. The value for money makes total sense for us.

Pricing is based on the number of accounts and seats that Perception Point covers. We are using 15 accounts, and if we become a larger company we'll just add more seats to the pricing. There is alignment between value and pricing, which we like.

Other than Microsoft, the solution that we had used, Perception Point was our first PoC, and we decided to proceed with them.

On the plus side for Perception Point were the 

• detection engine and high detection rate
• false-positive rate
• incident response team
• configurability, meaning set up time. 

Those are the main pros. There weren't any cons, honestly. They didn't fall short on anything.

Comparing the detection rates between Perception Point and Microsoft, there was a huge difference. We went from about 10 to 20 malicious attacks per day to zero today.

As for false positives, because Microsoft didn't even block most things, we didn't have any false positives when using their solution, but we had many alerts because so many things penetrated the system. So trying to compare false positives is not apples-to-apples. With Perception Point we have a 100 percent detection rate and zero false positives.

Get rid of everything you have and move to Perception Points, or at least try it. 

One of the things we really liked about the solution is that we were able to test it for about a week. There is an option to test Perception Point in parallel with what you have. That means nothing changes. Your emails still go through whatever solution you have in place, but you also see, on the side, what Perception Point detects and comes up with. We saw this huge quantity of alerts that we hadn't seen before. We saw how many malicious attacks and emails were coming into our inboxes. That was an eye-opener for us. The PoC was super-easy. It was a five-minute setup time and nothing happened on our business side. We were able to keep running as normal.

Once you try it out and you see the value, you see how much better it is than anything else, the decision is pretty easy.

The platform is great, it's easy to understand and configure. There are no issues on the product side. And I love the quick incident response team that you can reach out to.

We use them for email security of all our clients. We only use their email protection right now. We don't use their protection for Teams or other services. We use it strictly for email.

We get emails every time one of our customers gets a blocked email. This is something that I like to see. I probably get hundreds of emails that go to the folder for blocked emails. I see it blocking a lot of phishing emails that look like Amazon or Microsoft Office 365 logins. With common websites, people don't even think if they see a fake email. I see a lot of them getting blocked. 

Overall, I am very happy with it. We use it for ourselves and all our clients. It is rare to see something slip through. It definitely happens that there will be an email that comes through that is dangerous or junk, because no solution is 100%. For their effectiveness, I would rate them as nine or 10 out of 10.

I had a customer who was decent-sized, about $15 million a year, as we work with small businesses. This guy had no email security. I kept telling him, "Hey, I need you to buy this email security. Your employees are clicking on bad links." The guy refused to buy the software. It was only a couple hundred bucks a month, which is not much for a company of their size. Then, his accounting person got a lot of emails and clicked on one. They got hacked. The hackers got into their bank account and took about $70,000. This is an example of people who don't have email security.

Knock on wood. We haven't had a client, who uses their protection, have an email security breach. That is the best thing about what they do. We don't have to think too much. Their product just works and keeps bad emails away.

There is now real recognition from our customers about email security. A lot of people now know how dangerous email can be. Perception Point does a good job of keeping danger away.

The way that they scan all embedded links in an email. One of their features is a scan engine. It scans every link, then tries to determine if it is an active site. So, if they saw a threat and the website was down, then it is not really a threat. If there is a link in an email, they still pass the email through because they can't determine that it is a problem. However, when they scan them and see a problem, then we can see these results in the portal, which is good as well. 

If we have clients who say, "Hey, I didn't get this email," or "Look at this," we can view a lot of this information in the portal. 

With Office 365, the nice thing is that if an email does slip through, we have the feature enabled where we can notify them or log into the portal, then it will take the email out of our customer's mailboxes.

Their marketing and training need improvement. When some of their new features come out, they don't do a great job of notifying or educating us, e.g., sending emails such as, "Hey we..." 

Just to create a new customer, we used to have to go through their support team. The last time that I had a new customer, they said, "By the way, we have a new feature. You can do it yourself," and that was fine. 

They just don't do a good job of promoting themselves. They seem like a typical busy IT company who is just working on fixing problems and making technology better. However, they are not fantastic at marketing themselves to existing partners, which is not a bad thing. It is just something for improvement.

I have been using it for two to three years. We might have been one of the first IT companies to become a partner with them.

It has been very available and stable. The only time that we have had an issue in the last couple years (because they are based off Amazon's platform) was about a month ago when Amazon had that huge outage in Virginia. That was a problem.

The problem was that Amazon went down and our customers could not get their emails. However, the good news was that all the emails were saved at Amazon and Perception Point. There was a workaround. We could have removed Perception Point from our customers, but that would have removed the email security. So, when our customers called us and freaked out, saying, "I don't have it." We told them there was an Amazon outage. I said, "Listen, you can either wait until this gets fixed or we can remove the email security." All our customers said, "No, I'll wait," because they don't want their employees to get email viruses and click on them. 

Our largest customer is not very large compared to an enterprise. The solution is fine for us based on our client base.

Their support has been fantastic. We get very quick responses. With another vendor, I had to wait a week sometimes for an answer, which was crazy.

I have had a couple customers get mail bombed, getting 10,000 emails a day. It is impossible for somebody to check their email when they are getting that many. I had to reach out to Perception Point support. 

I have the cell phone of one of the top guys on the technical side. If I can't get a hold of somebody on their main number, then I can text or call him. I have had to a couple times. He gets somebody on his team to help slow down these mail bombs. I don't know if that is part of their Incident Response Team, but they have definitely done a good job when we have had some email emergencies.

Sometimes, their support is not 100% perfect. I would rate it as 9 or 10 out of 10.

Positive

We use Proofpoint and still have them as a vendor for people who have onsite email servers. 

We were trying to use both Proofpoint and Perception Point for a customer, and it didn't work. That was because of Proofpoint. So, we were stuck only with Proofpoint. 

I don't like Proofpoint. Their support has gotten better for some reason. I am not sure what has changed, but they had a period where their support was really bad and it was hard to get in contact with somebody. That has changed. It has gotten a little better, but I have had some problems recently. This was one of the reasons why I didn't want to use Proofpoint. They are a little too big and haven't given us good service as an IT company.

IRONSCALES is a big player and we tried using them. We went through demos and talked to sales engineers. I didn't see it stopping a lot of bad things, but I don't know if we had it configured correctly. We could never get it to work right. When we had issues, e.g., we had some emails that were blocked and some other problems, it took them weeks to get back to us. That is just unacceptable when you are dealing with email products.

I just didn't have good experiences with Proofpoint and IRONSCALES.

The initial deployment is easy. They have a document that shows you how to do it. Once you do it a couple times, you can repeat it easily. I have done it quite a few times. I can probably set somebody up on Office 365 in 15 minutes or less.

After deployment, the solution starts delivering value immediately, when it comes to stopping threats. As soon as you put them in place, they are scanning emails for anything bad coming through, which is a nice thing. 

People don't realize the benefit of it. When we get a new customer, we include this solution in our pricing. They don't even realize that we put it in. The first thing that our customers don't realize is they are not getting a lot of viruses or bad emails. The second is that they are staying up all the time. For example, with this other previous customer who didn't have it, they had somebody clicking a bad email almost every day. They were at risk of getting an infection, and then they had problems. We would then have to go clean it up. Their employees couldn't work because we were working on the computer where they clicked the bad email. 

For people who don't have it, they will see the benefit when they do have it. It won't interrupt your business because everything runs smoothly. You never see the bad stuff. 

It prevents downtime. A lot of our customers don't like it when their employees are not working because they are paying them to do nothing. If I have to work on somebody's computer for two hours, that is two hours when somebody is getting paid to do nothing. That is the thing that this type of solution helps with. It is really a waste of my time. Because if they had this solution, I wouldn't have to spend two hours cleaning it up.

There is room for improvement for them with an MSP partner. The pricing is good and fair. Our customers don't complain. The only thing is that it's a little bit old school. They don't have a system that automatically checks the number of users that our customers have so we can just update the licenses ourselves through a website. It is still done manually. They have a person who checks invoicing monthly to determine if there have been any changes. A nice improvement would be if they could get automated licensing counts. 

I have gone through a couple different vendors and didn't like the other products. Then, I found Perception Point. I used to know a guy who worked for them. We looked at their product, which did what we needed to do. Also, support was important for us. With some of the larger companies, I have had problems getting issues fixed that needed to be fixed in a timely manner. So, we decided to go with Perception Point, their technology, and portal, which shows us how it scans information in emails.

It keeps the bad emails out. They do the job of email security. We have been pretty lucky.

Do a demo with Perception Point and other vendors to see what you like. Everybody likes things for different reasons. One of the biggest selling points for us is the quick access to support via email and phone. That was my number one or two reason for going with them. You want a good product that protects you, and there are a lot of good products out there now, but the support is really why we went with them. If you want good support when there is a problem, think about these guys, because we didn't have good luck with some bigger companies.

I would rate this solution as 9 or 10 out of 10. We are super happy.