Perception Point Advanced Email Security Reviews

I have my own company where I use it personally along with my own people and assets. I am also a consultant to a lot of other companies, for which I integrate this system. Basically, they don't have a lot of functions. We use its mail filtration, i.e., mail defense or mail relay. We also use their Office 365 SharePoint feature.

I provide services to about 80 different companies.

I implemented it for our company in January. By the end of the year, I gave the company some reports. We didn't have any issues or malicious activities from any point of view, especially from email. That says it all.

No one complains about any of my emails coming in late or never coming. If it never comes in, it is either contaminated or stopped because of an issue, but never because of latency, etc.

In terms of integration, it was easy. The company didn't even realize that they had a security appliance in their infrastructure. It was quite transparent to them. They were happy, I was happy, and that's it. The simplicity of it was the best aspect when it comes to integrating it into the network.

You won't see any changes in how your systems function. First, it is an external service. The second thing is it's just a mail relay. So, it just scans if the email is contaminated or if it doesn't score high in their risk scoring matrix.

They don't have a lot of features. They have very straightforward basic features. As a mail relay, I am very satisfied with the product because it really defends against all malicious activity from the Internet. It catches a lot of stuff, such as attachment files on body headers. 

It really works well on SharePoint when you upload a file or save a file. Advanced Email Security scans if it is malicious and identifies issues. It can do some forensics on its console, which is nice. 

The UX/UI is quite straightforward and good. You don't have a lot of settings to mess around with, which is great. What you see is what you get.

As far as I know, it provides full scanning of all incoming mail content. Incoming-only is good enough for me. Once you have malicious activity within your domain, e.g., your Office 365 or any type of mail service, it doesn't really matter. It really matters what is coming from the outside into the organization.

If you are an E1 or E3 user in Office 365, this will complement your solution quite nicely, without spending a lot of money. I don't think that Office 365 gives you a lot of security in terms of your mail infrastructure, unless you know how to configure it correctly. Here, you don't really need to configure anything. You just change the DNS record, and there you go. So, it is really good.

They could add some more features or interesting stuff that we could integrate.

From a forensics point of view, it could improve a bit more from a threat intelligence aspect. So, if I find a malicious email, they could have more investigations about sources, headers, where it comes from, if they have seen it in other campaigns before, etc. I would like a little bit more from a threat intelligence point of view so I can understand who else might be affected and attacked as well as the vectors of attack.

I have been using it for around five years, since one of their first versions.

I have never had an issue with stability. 

I don't know the date and what happened, but they did have an issue with their server. It was a bit stressful, because they are the bottleneck in the end. There are some strict rules in Office 365 that if they are not responsive, then no one will get their emails. So, their downtime is critical. It would be nice to have the knowledge/comfort that incoming email services won't be affected, even if they need to be in downtime, maintenance, etc.

The scalability is endless. 

I had some silly settings. I forgot to do something from an Office 365 point of view, then something didn't work. I raised a ticket, and they said, "Check this and that." It was my mistake. Another ticket was because I needed to create a specific rule in their system. I just wanted them to do it, because I wasn't sure that I was doing it correctly and didn't have time to waste on it.

When you change the DNS record, it takes some time until it takes effect. It is usually a few seconds, but something didn't go right. I don't know if it was on my end or theirs. I think it was on theirs. They had to create another token, DNS string, or some sort of setting to refresh it. 

There was one email where I raised the flag, and asked, "How did it go through?" It was some sort of spam. They said that they would check it out and pass it to the vendor. I believe they took care of it because I haven't seen it since.

Their technical support is good. I would rate it as nine out of 10 because there are always places to improve.

There were a few solutions in place before Perception Point Advanced Email Security. We switched to Perception Point because I recommended it.

The initial setup was easy-peasy. It took five minutes to deploy.

After deployment, it took five seconds for the solution to start delivering value, when it comes to stopping threats.

We don't speak directly to the vendor. We have an intermediary, Magen Ofek, who does the SOC. They are actually very active. We didn't ask for SOC services, but they are giving it, and it has been quite good. 

We are very much happy with Magen Ofek's service. their response team is on the money. Whenever something happens, whether I am aware of it or not, they pick up the phone, send me an email, WhatApp, etc. They ask me, "Do you know about this?" They are literally on the money.

The solution has helped prevent thousands of threats. 

It fits every budget. It has a low price. I can't go ahead and sell it for any price I want. They are quite strict. They say, "This is the price that you can sell it for and this is the price for you as a reseller." That is it. It is not a lot of money. I will not become rich from it, but I like that they keep a standard for everyone. They are a fair company.

I have a small lab. Before I recommend the solution to clients, I check it out. For other companies, I always compare and do the hard work.

My organization is small. A friend from Magen Ofek showed me this solution and I trusted them. That is for my personal company. 

Perception Point Advanced Email Security is simple to integrate and cloud-based. The other solutions that I checked were a bit more primitive. They were on-prem and you needed servers, overhead, etc. Since Advanced Email Security is a cloud service, you don't need servers for it.

With Perception Point Advanced Email Security, you don't need to mess with any settings, rules, etc. It was fast to deploy. There was no need to mess around with settings, where if you're not familiar with them, then you need to scratch your head. 

It offers simplicity. You don't need to provide servers and waste money on infrastructure. You don't need to waste money on specialists. You can do it if you just follow the instructions. It does a good job for the amount of money that you need to spend.

There are never any false positives. I have not heard any complaints.

We are not an IT service company. I don't provide IT services. I provide cybersecurity consultation and assistance. Sometimes, I am a little bit hands-on. I don't provide IT services, so I don't care about false positives and things like that. I integrate systems, security, and assets, then configure them. After that, I say, "Here is our report. This is what we caught. I don't know what you had previously, but this is what we caught. You are safe."

I would rate this solution as nine out of 10.

We are today using this product for email filtering and we plan to use it later for file filtering on cloud-sharing platforms.

This solution is very effective at detecting malicious content and very fast in adapting to new threats. There have been new types of attacks which, instead of attaching malicious files to emails, have been attaching to Google Docs that are hosted on the Google Cloud. Within a couple of days, Perception Point updated the engine to a filter and block such attacks. For us, it was very beneficial because the users are not allowed to open attachments, but when people asked them to view a document on the cloud, they weren't used to it. This left them open to this type of attack.

The Perception Point incident response team acts like our own SOC team, which is important because we do not have a SOC, but rather a limited incident response team. This means that any external assistance allows us to work on the more critical areas and identify the events that we have to investigate. In general, it significantly reduces our internal workload.

When it comes to incident management, I think that the Perception Point incident analysis is very fast. It usually takes less than an hour to go back with initial reactions, and they adapt the technology very fast as well. They provide either interim solutions or full solutions to all of the incidents that are identified.

In terms of engine optimization, ever since we started working with Perception Point, we have been able to monitor improvements to their capabilities, including adaptations they have made. Moreover, our own team was able to work with the system and ask for improvements, and they've all been done very fast.

Perception Point has helped to reduce our false positive rate by approximately 90%. More generally, it has reduced the total number of alerts we get. We used to have more than 100 endpoint alerts per month and it has been reduced to individual ones. Overall, that is a greater than 90% drop in alerts.

The most valuable feature is the ability to identify malicious content and phishing emails and reduce the workload we have to do in terms of security. The quarter before we used Perception Point, we had about 400 positive identifications of malicious content being used by employees, probably getting them via email. Since using Perception Point, we have almost nothing.

The only thing that can be improved in Perception Point is the in-depth analysis and attribution to cyberattack groups. This is an issue I have raised with their product team. Currently, when we get malicious content, we don't know where it came from. One of the things that worries me the most, as a sysop, is whether we are being targeted by any of the cybercrime groups. This is something that Perception Point doesn't do, so I have another cyber threat intelligence team that does the investigating. Ideally, Perception Point should offer this as part of their service.

We have been using Perception Point Advanced Email Security for the past four or five months.

We are using it as a SaaS and since we have been using it, there have been no noticeable service interruptions.

It seems to be very scalable. It's cloud-based, so it should be able to scale nicely. We haven't done load tests because our load is not very high.

We have about 1,400 people who are protected by this product, and they work in every role that you find in an enterprise. We are located in Asia, Europe, and North America.

The technical support is very good. Most of the time, they reply within one hour.

Prior to Perception Point, we were using a solution by Barracuda. We switched because Barracuda didn't provide the capability to filter emails and block the malicious content we wanted.

The initial setup was very simple and straightforward. As we are using Perception Point as a mail relay, it only involved changing the MX record or DNS records in order to relay our email messages to Perception Point, and whitelisting the Perception Point addresses in our email systems. It was a very simple configuration, and it was up and running very fast.

We have many domains, and some of them took some time, our major domain was done first and it was completed within one day.

After deployment, it started providing value immediately. That said, it took a few weeks before we identified everything that needed to be whitelisted or blacklisted.

It requires some administration in terms of blacklisting and whitelisting rules for URLs of domains. There are some cases that the out-of-the-box solution doesn't identify properly, especially when there are misconfigurations by people that we communicate with.

I managed the deployment, but someone on my team did the technical setup.

We have seen ROI in the form of reduced security team activity, a reduction of employees clicking on phishing emails and malicious content, a reduction in the need to re-image machines that have been infected by malware, and a reduction in the incident response (IR) activities.

We were able to get reasonable pricing that matches the ROI we want, so I think that it is the correct price point.

We evaluated other solutions including Mimecast, Sasa Software, Forcepoint, and a couple more. Some of the products that we looked at didn't offer a full SaaS solution so we didn't consider them.

We didn't perform a full pilot program with the rest of the vendors because we had a situation where we wanted to deploy very quickly. We were in a dialogue with Perception Point, it performed perfectly, and we just decided to move on with them.

My advice for anybody who is considering Perception Point is that there are no false negatives and no false positives with this product. Overall, I am very happy with it.

I would rate this solution a nine out of ten.

We use the product to safeguard your organization's email communication from various threats, particularly targeting senior-level employees. The aim is to prevent phishing attempts, spam, and other malicious attacks that often target executives or individuals accessing sensitive information.

The most valuable feature is the technical support services. They are doing a notable work. We can easily send requests to resolve issues in case of malicious attacks. Their response time is good. Additionally, the user interface is accessible. Even users from non-technical backgrounds can easily understand the status and nature of emails, whether they're spam, phishing, or malicious. This user-friendliness stands out as a significant positive point.

They could provide additional data loss prevention features as we encounter different kinds of attacks in today's scenario. It leads to data losses. It would be beneficial to include such functionality.

We have been using Perception Point Advanced Email Security for five months.

The product is stable.

The product scalability has been much appreciated. We do not encounter any lag or downtime. It doesn't impact the email flow aspect as well.

We have used Mimecast before. Their user interface was complex and complicated to navigate. During the POC, it was evident that Perception Point could detect and prevent certain malicious emails that Mimecast had missed.

We switched to Perception Point as it has better reviews than other competitors in email security scenarios.

The initial setup of Perception Point, whether deployed on-premises or in the cloud, was straightforward and efficient. The installation and configuration process took approximately an hour, including onboarding and DNS settings. Compared to other email security solutions, it was a quick setup process, requiring minimal time.

The product generates a good return on investment.

Some features related to the user interface need improvement. While the pricing for email security alone remains reasonable, their additional offerings for collaboration apps like Teams, Zoom, and other web security vendors might entail a slightly higher cost.

I rate Perception Point Advanced Email Security an eight out of ten.

We are using Perception Point Advanced Email Security for filtering or securing our email system.

The most valuable feature of Perception Point Advanced Email Security is the filtering and securing of emails.

It would be helpful for Perception Point Advanced Email Security to have more integration with other solutions.

I have been using Perception Point Advanced Email Security for approximately one year.

I rate the stability of Perception Point Advanced Email Security a nine out of ten.

We have approximately 500 secured mailboxes using this solution in my organization.

I rate the scalability of Perception Point Advanced Email Security a ten out of ten.

I did not use the support from Perception Point Advanced Email Security. However, we did use the support from the dealer we purchased the solution from.

I have previously used IRONSCALES. When comparing IRONSCALE and Perception Point Advanced Email Security, they are very similar. However, IRONSCALE is less expensive.

The price of the solution is high.

I rate the price of Perception Point Advanced Email Security a two out of ten.

I rate Perception Point Advanced Email Security a nine out of ten.

We're not yet clients of Perception Point. We have been running a PoC on their email security product for about two months. My managers are still going through some steps to see if we will finalize something with them.

The main component of their product is email security and their solution has been proven to be quite good at catching the bad guys.

The solution has pretty good detection. It has some particular areas that are—if "unique" is not the right word—strong points for them. 

• It has modules to detect malware and that is a strong point.
• It has a very nice way of showing you, directly in the product, a lot of details about certain pieces of malware. It goes very deep and even shows you the assembly code.
• It also does detonations on files and shows you the results in different operating systems. That is very useful. 
• And it has pretty good capabilities for catching malware campaigns that other products are not really catching.

Coming from products in the Microsoft stack, Perception Point doesn't really give you, as an admin, a lot of options to make changes yourself. It's more on their side to make changes in the back end. That's something they could improve on in the future.

Also, the search functionality is kind of tricky or buggy. When you enter some text to search, you have to scroll down to find the search button. It's a bit more friendly on the Microsoft side, or maybe I'm just more used to Microsoft. But if you copy a piece of text, like the subject of an email, and you paste it in the Perception Point search, you cannot modify it. You have to modify it before you paste it. That's just the way their text input field works. They need to pay some attention to the search functionality.

Also, you cannot really see graphs of evolution over time. You can choose various timeframes like one day, one week, one month, or a custom timeframe, but you cannot really see any evolution or compare graphs. You can't really see what the spikes were in one month. Perception Point does have a very graphical layer and they tell you, "We stopped this many emails with this layer, and we stopped this many emails at this other layer," which is very nice, but I would love to see a graph showing evolution and spikes.

We didn't have issues where the service wasn't available. That was okay.

The only little issues that we had were on the identity side, where we would invite a person to join the sandbox that they created for us, we would give them a role, but at some point they would lose access, and we would have to do some steps again. I'm not sure why that happened. But we didn't have service interruptions or anything like that.

We ran the PoC in a way that almost all emails that had to go to Perception Point did. It handled that volume pretty well and I didn't see any kind of issues. And I don't expect to see any issues if we were to scale it even more with a bigger volume of emails. We onboarded close to 5,000 email accounts into Perception Point.

Because Perception Point is not such a big company right now, I found that they are very responsive. The account team, the team that we did the PoC with, was very friendly. They answered all of our queries and they were always there. Even if we didn't directly communicate with the IR team, the person that we were in touch with, who had connections with the IR team, was always available. He was always giving us a heads up telling us, "We caught this campaign," or asking us if we needed anything. They were very friendly, responsive, and professional.

We didn't communicate with the support team. The account team took care of anything we needed. But they were excellent.

The way we set up the PoC, just required us to set up a tiny transport rule and that was it. I'm not sure, when you put it into production as your main solution, what that process would be like. For us, having it as a second solution, on top of Defender, it was very straightforward.

We didn't let Perception Point actually stop anything in the PoC. The stopping task was still left to our main production system which is Defender. Our approach in the PoC was that we wanted to see what they would detect beyond our current solution. If I had let Perception Point stop anything, it would have stopped some pretty important campaigns in terms of malware, credential harvesting, and the like. But right now, it's just in detection mode.

During the PoC we didn't really use or talk to the Perception Point Incident Response team. We had two contact points on their side, and one of them was working closely with their IR team, but my colleagues and I didn't interact with their IR team. I know that behind the scenes the IR team was active, at some points blocking things or analyzing things.

I was the primary person who set up and tested Perception Point, in my role as senior security engineer. And one of my colleagues, who is handling email in his role as a cloud operations engineer, was involved. We also had our manager who is our director of IT, and another colleague who is a security analyst involved.

Our main email security solution is Microsoft Defender for Office 365. During the Perception Point PoC, we put the two products alongside one another, and we did see better results for some malware campaigns with Perception Point. There were some campaigns in which Defender for Office didn't catch things and Perception Point did.

We didn't really look for false positives. We were looking more to see if Perception Point could complement our detection stack. There were some things, legitimate domains that we were using, that Microsoft blocked and Perception Point didn't. If Perception Point had been our primary product, it probably wouldn't have blocked them. But in a similar way, Perception Point also blocked some stuff that was not actually malicious.

Perception Point has a very good engine for image recognition, like logos, and it was able to stop some phishing. Anyone could see they were phishing attempts, but somehow, Defender for Office 365 sometimes didn't catch them. Perception Point did, every time.

Perception Point is a good solution. It's definitely worth testing. Every customer's environment is different, and not all companies are targeted in the same way, either because they are in different industries or they have a different number of employees. But phishing is definitely a very important attack vector, and Perception Point's product is very good. It's worth giving it a try, to at least run a PoC to see how it works.

The PoC was a very good experience and, at this point, I'm just waiting for my managers to make a decision about the product.

Our primary use case is to secure our email channel. We're using Perception Point only for our email users.

Among the most valuable benefits are the results we have seen from the detection engine. Since implementing Perception Point, we have had zero suspicious emails coming into our inbox. We have seen a 100 percent decrease in attempts.

And there have been no false positives. There have been no cases where we could not see emails, due to Perception Point mistakenly blocking them, that we should be able to see. Everything is working as it should.

One of the most valuable features is the service provided by the incident response team. There have been cases where we have suspected that emails were fraudulent or something was suspicious. In those cases, we immediately contacted the incident response team through the platform, and we had a response in less than a minute. They confirmed that those emails were not fraudulent, and we were able to continue with those emails. The response and the capability and the professionalism of the team have been some of the good aspects. It has been very positive on the customer service side.

I don't have anything bad to say about the product.

One feature that might be nice to have, and I don't know if Perception Point could actually do this, would be that when you are sending an email with sensitive information, Perception Point would either block it or trigger a message saying, "Are you sure you want to send this kind of information to these recipients?" Something like that, before you make a mistake, would be helpful. Some type of AI agent that determines what, for us, is sensitive information, would be great.

We've been using Perception Point Advanced Email Security for exactly one year.

We haven't seen any hiccups. We've had full usability and haven't seen anything that was not working or that impacted our business operations. We have seen 100 percent uptime.

It's hard for me to talk about scalability because we only have about 15 employees. So in our case there are no scalability issues. But I know customers, friends of mine, whose companies have tens of thousand employees and use Perception Point, and they have had the same feedback about scalability: no scalability issues.

We used Microsoft ATP.

Before Perception Point, we had a high number of malicious emails coming in; constant attacks and nothing was blocking them, including phishing attacks and account-information takeover attempts. Because we're a financial institution, we were very much at risk of having funds wired to a fraudulent account. We noted numerous attempts. As a result, we researched the market and we chose Perception Point for our email channel.

I was working closely with our IT manager at the time of the deployment, and it took us less than five minutes to configure Perception Point for all of our employees. There are about 15 of us in the company, but it was super-fast and super-easy. It didn't affect our work at all. And we saw immediate impact, meaning after five minutes we were up and running, and we actually saw impact and improvements the same day.

The time to value, in terms of the solution stopping threats was between minutes and hours. It depends on when the malicious email was sent, but it really was immediate.

The pricing compared to the value Perception Point brings is super-competitive. They're not the cheapest in the market, but the value and the quality of the product are superior to anything else in the market, so we don't mind paying more for it. The value for money makes total sense for us.

Pricing is based on the number of accounts and seats that Perception Point covers. We are using 15 accounts, and if we become a larger company we'll just add more seats to the pricing. There is alignment between value and pricing, which we like.

Other than Microsoft, the solution that we had used, Perception Point was our first PoC, and we decided to proceed with them.

On the plus side for Perception Point were the 

• detection engine and high detection rate
• false-positive rate
• incident response team
• configurability, meaning set up time. 

Those are the main pros. There weren't any cons, honestly. They didn't fall short on anything.

Comparing the detection rates between Perception Point and Microsoft, there was a huge difference. We went from about 10 to 20 malicious attacks per day to zero today.

As for false positives, because Microsoft didn't even block most things, we didn't have any false positives when using their solution, but we had many alerts because so many things penetrated the system. So trying to compare false positives is not apples-to-apples. With Perception Point we have a 100 percent detection rate and zero false positives.

Get rid of everything you have and move to Perception Points, or at least try it. 

One of the things we really liked about the solution is that we were able to test it for about a week. There is an option to test Perception Point in parallel with what you have. That means nothing changes. Your emails still go through whatever solution you have in place, but you also see, on the side, what Perception Point detects and comes up with. We saw this huge quantity of alerts that we hadn't seen before. We saw how many malicious attacks and emails were coming into our inboxes. That was an eye-opener for us. The PoC was super-easy. It was a five-minute setup time and nothing happened on our business side. We were able to keep running as normal.

Once you try it out and you see the value, you see how much better it is than anything else, the decision is pretty easy.

The platform is great, it's easy to understand and configure. There are no issues on the product side. And I love the quick incident response team that you can reach out to.

We have a hybrid Exchange environment with an on-premises email server and also Office 365. We have multiple domains and the challenge was related to the email filter. We were doing a lot of things manually and we wanted a simpler system.

As of now, we are only using this product for email. However, in the future, we may implement some of the other modules such as SharePoint, Dropbox, or other services.

Perception Point has improved the way our organization functions in many cases. For example, there are a lot of malicious files coming into the company and the previous solution that we had was not filtering them in an effective manner. When we switched to Perception Point, it became quite handy and it started detecting most of them. I would estimate that nine out of ten were being found and then blocked.

The only challenge we were facing was a small number of false positives, which was okay because we were able to handle them properly. In terms of reduction, implementing Perception Point has resulted in a 50% to 60% drop in the number of false positives that we were experiencing.

In my experience, the detection capabilities have been good. I would rate the performance an eight out of ten because it is much better than some other products I have researched. I have seen examples of it detecting malware.

The vendor's incident response team acts as an extension to our own SOC team.  This is important because we need to know exactly what is happening so that we can report it to the top management, accordingly. 

Perception Point's incident response team has aptly handled the incidents that we have had. So far, we have only had a few, so our challenges have not been great.

With respect to engine optimization, I see a lot of features being upgraded every month. The engine seems to be getting more robust. I can see the differences in this AI-based technology.

I would estimate that each day, Perception Point saves our own SOC team between one and two hours. We were spending a lot of time on security and since implementing this product, we have been able to reallocate time and put it toward other tasks.

I estimate that overall, the number of alerts that we receive at our endpoint layer has been reduced by between 40% and 50% since transitioning from our previous product. Time-wise, this saves us between an hour and two hours a day.

In terms of how long it took to begin showing value, from the perspective of a customer, I think that it took about three days before we started to notice the difference. It required no tuning or customization and it was very clear in the console. The dashboard showed everything that it was doing, making the system very transparent.

The most valuable feature is the hardware-assisted platform module. The HAP is hardware-based and does not exist in many products. It is a unique CPU technology that can detect ransomware attacks.

The notification system is helpful. We received two notifications a day, which include the false positives.

Email alerts should be available in real-time. Alternatively, emails should be sent more often. It would be better to get between six and eight emails per day to help us understand what is happening.

At this time, we don't have an option to customize alert emails for our customers. They come directly from the vendor and we have no control over them.

The reports should be more customizable.

We have been using Perception Point Advanced Email Security for less than a year.

It's a robust product and we don't have to manually intervene when it comes to filtering when we use the engine. In production, it seems to be stable and we haven't faced any downtime.

Perception Point is used throughout the organization and we have 250 devices that are protected.

Scalability-wise, we haven't explored or tested it. I think the product can be scaled in terms of adding more features. More than its security, they can add more features, like email archiving, but I'm not concerned about it.

Whether we increase our usage depends on the business. If we continue to grow then we will continue using this product and we will increase the number of users. I think that it's quite capable of scaling with us.

When we need to create reports for management, we sometimes send queries to the support team. They are very responsive and normally, they answer the same day, within a couple of hours.

In total, I have spoken with them approximately 10 times and the experience was always good. I believe that the nearest support center is in Israel, and we're approximately two hours apart, yet the response was still quick and on time. They have always been able to resolve our issues.

We had challenges with malware when we were using another on-premises product. The product was MailMarshal, by Trustwave. The first reason that we decided to switch was that it was purely a signature-based system. The second reason was the support. Simply, they did not provide the support that we needed.

We had done some brainstorming before the project, and we could see that the setup process was transparent. As such, it was straightforward and even though there was some complexity, we could see exactly what they were going to do. All things considered, it was not overly complex.

The implementation strategy did not deviate from our IT policy and it was good. They were not using the MX pointing but rather, it was another kind of shared organization policy that is hidden from the attackers. The fact that the attackers cannot directly see what we are using, and it is similar to a shadow, is one of the features that we liked.

We are a 24/7 organization so for us, the main challenge was minimizing downtime. Downtime is crucial for us and we were able to complete everything in less than six hours.

From our side, there was one IT manager and two network administrators involved in the deployment. The two network administrators continue to work with this product but in a maintenance capacity.

We have absolutely seen a return on our investment. Cost savings and technology-wise, the HAP module is the feature that gives us the biggest ROI. It is implemented in hardware and not available in a lot of systems. It is incorporated directly into our data center for multilayer protection.

The price of this solution was within our budget and I think that it will suit most SMBs. There are no additional costs beyond the standard licensing fees.

We evaluated Mimecast at the same time that we were looking at Perception Point. It is a top runner in this space and they have more services, such as mail archiving. Ultimately, we found that Perception Point is a better product. It delivers approximately the same value for what we needed, but for less cost, and pricing was one of the other constraints.

We did not implement a PoC with Mimecast, so I can't make any technical or performance comparisons based on actual usage.

The biggest lesson that I have learned from using this product is that when you use smart products in a smart way, it can save you a lot of time with respect to productivity. This in turn allows us to look at how that time can be used for other major tasks.

My advice for anybody who is thinking about implementing this product is to start with a PoC. The vendor offers a 14-day PoC, which will give you a clear idea as to exactly what is happening. From there, you can choose to proceed with it or not.

I would rate this solution a seven out of ten.

Email protection from:

1. All malicious attachments. 
2. Phishing URLs
3. Phishing and spam emails.

We work mostly with Slack for incident management with their Incident Response team. Everything is recorded, maintained, and operated in Slack. This is easier for every team, making it easier for us to stick with this solution. They are online. We show evidence. In general, we have good communication.

Email is still the first victim, e.g., it is number one for hackers to use. This is why you want to have the best protection against those attempts. The mechanism Perception Point Advanced Email Security has against malicious, phishing attempts and all these hackers' attempts via email was the main reason to use this solution. It protects the company from all the email attempts that can put the company at risk.

They can do better on the spam. Today, Perception Point is not our only solution. We have two solutions, and they are the second in line because the spam filtering is not yet the best. 

From an operational perspective, as a customer, we want to have the ability to do all the changes that we want. I don't want to have to approach the Perception Point guys, and say, "Please do: A, B, C, D." I prefer to have my guys do our customizations.

I started to use Perception Point Advanced Email Security even before my current position. So, I would have been using it for about four years.

In the four years that I worked with them, we have had maybe two downtimes. Obviously, that is a good percentage of uptime. I haven't had any big issues with them. So, the stability is very good.

Two security engineers manage the solution out of the SOC.

We started small, then we expanded. Because it is a cloud-based solution, it is very easy to scale. 

From a user perspective, there are around 7,000 mailboxes with almost 300,000 emails a day. The solution is fully deployed (100 percent).

We have used the technical support. Usually we use them when we have a false positive or false negative. It depends. We are using Slack, so they answer right away. They check and investigate it, so the technical support is quite good.

The vendor commits to the solution’s effectiveness when it comes to detection, but this is around an accuracy and detection rate of 99.5 percent. They sometimes miss and we find them. Obviously, we report them back, then they try to fix and solve them for the next time, which is a good thing. 

It is very important that the vendor’s Incident Response team work in the background and proactively help. They are also providing 24/7 support, so if something is happening while it is night, holidays, or weekends, then it is important that they will be proactive if they find something suspicious or something that requires actions. Therefore, we need them to be responsible. Some of this stuff, we can manage on our own, but there is stuff that they need to do on the back-end.

I see from time to time that Perception Point is being proactive. They approach us, and say, "Can you check this, and this?" So, it does seem that they are an extension of my incident response.

Once we report any stuff that we found, and for some reason haven't detected, they do everything very fast. It is almost real-time, and they are closing this gap. If they found something that they missed, or we told them, then they acted quickly.

We had an email protection system that wasn't as good before. Now, our block percentage is much higher. So, we have fewer incidents happening in the company. Obviously, this shows in the ROI. I don't need my guys to start dealing with all these incidents. Perception Point Advanced Email Security also provides a very good investigation report of what it was trying to do. Then, we take it and leverage it, using it to improve our detection in our protection systems. Therefore, we have increased the effectiveness of our detection against malicious attacks, plus our SOC team is not spending as much time dealing with them.

We added Perception Point Advanced Email Security. We still have Fortinet FortiMail because of the anti-spam. Fortinet is the first in line to block the spam, but they are second in line when blocking all the malicious stuff.

The initial setup was very straightforward. We did it in two phases, mostly. 

The phase one: Right away, we did all the malicious attachments. Obviously, we did it first in detection mode. After we saw there were not too many false positives, we changed it to block mode quite fast. It took one to two weeks, then we just changed it to block mode. 

The second phase was phishing URLs, which was a little more complicated than attachments. It was for detection only on URLs. We whitelisted all the legit URLs that had false positives. Once we finished with whitelisting, we enabled it on block mode. From that moment, it was quite straightforward. There were no issues. 

We can go into full production (fully live) with this solution in one month.

Sometimes, we have a URL that goes into a whitelist, but it happens once a month or something. It is a very low number. 

After deploying the solution, you can see all the blocking right away.

One security engineer deployed it out of the SOC.

For specific incidents coming via email, we have reduced our SOC team time dealing with problems by 99 percent.

Perception Point Advanced Email Security has helped us reduce our false positive rate. We currently have a 99 percent success rate with one percent false positives. 

The solution has helped to reduce the number of alerts received by our endpoint layer. We have around 99.5 percent accuracy. This has affected our security operations a lot. The ROI has been very good. My guys have spent less time on investigating incidents from the endpoint, because it was already blocked on the Perception Point level. 

They are not the most expensive vendor. There are much more expensive vendors. They are not cheap, but they are not the most expensive. They are somewhere in the middle.

The pricing is for the number of emails. There are additional costs for the number of files and scans.

I did evaluate two other solutions, Mimecast and Bitdam. Eventually, it was a combination of cost, integration, and support. I did want something that would work very fast and adjust to my needs. Also, the cost was important. We wanted something priced in the middle, not too expensive nor cheap.

Perception Point Advanced Email Security had a very good detection rate score. Obviously, that was one of the reasons we chose them eventually. It was not only because they are nice, but because the solution was top-ranked.

If you are looking for a one stop solution that will deal with all your email security, then they are probably not the perfect one because you will still need to add more tools. If you are looking to be the best in security and stop all security threats coming through via email, add this solution to your current environment and trust that they have 99.9 success rates when blocking any malicious stuff. Depending on the company, you can either add them to your portfolio or replace other solutions that are not as good as them.

You need to remember to whitelist your internal services so they will not get blocked. For example, sometimes there are internal services that the company uses. Because they are internal, and not coming from the outside, most security tools will detect them as suspicious.

I would rate this solution as a nine out of 10.