Call us
+44 (0)20 8830 6820

SonicWall Cloud App Security vs. Microsoft EOP/ATP

03 April 2023

Get better protection for Office 365. SonicWall CAS catches what others miss.

SonicWall Cloud App Security (CAS) offers complete in-depth security for Office 365, whether cloud email, OneDrive, or the full suite.

Connecting to the Office 365 environment via API, it scans for threats after existing security but before the inbox. Deploying within minutes, it focuses on advanced attacks, while it also filters out spam and greymail.  Employing a combination of machine learning, artificial intelligence and big-data analysis, CAS catches email-borne and zero-day attacks that Microsoft can miss.

It stops business email compromise, targeted phishing, malware, zero-day, account takeover and insider threats across your enterprise.

Find the right solution
Contact us today for more information.

Why Microsoft EOP/ATP isn’t the most efficient threat defense

Exchange online protection missed

35%

of targetted attacks

Exchange Advanced Threat Protection missed

11%

of targetted attacks

Microsoft is not a security company and while its architecture is geared toward useability, it does not have the functionality to learn from the organisation’s behaviours and interactions and often misses targeted and sophisticated attacks.  It is slow to respond, often produces false positives and it requires complex configurations and infinite tuning.

According to The 2020 Microsoft ATP report Microsoft EOP misses 35% and Microsoft ATP misses 11% of targeted attacks.

Why SonicWall CAS?

CAS uses a unique architecture built specifically for the Cloud and catches what others miss.

  1. CAS does not replace existing security layers.  Instead, it augments capabilities by providing in-line protection from the inside, deploying as an app (API) inside O365.
  2. Because it scans for threats after existing security but before the inbox, no emails, links or attachments reach the user until they are determined harmless.
  3. CAS AI is continuously trained on attacks that evade and analyses 300+ indicators of phishing, It detects anomalies by tracking, flagging, remediating  and then alerting.
  4. It protects all emails, including internal senders and secures the full suite/collaboration tools.
  5. It takes only minutes to set up, with no installation, or rerouting of traffic, nor does it require an agent to deploy.  CAS is efficient because it’s designed for the cloud and optimized to secure it.

How it works

The Secret Sauce: How CAS catches what everyone else misses

Scan all email traffic and embedded content

CAS works seamlessly with Office 365 and G-Suite built-in security via API and scans any messages including inbound, outbound, and internal emails that bypasses preceding security filters.

When using inline protection, no email, links and/or attachments can reach the inbox until CAS has scanned and determined they are 100% harmless. With a patented design that analyses over 300 unique threat indicators, CAS spots and stops Business Email Compromise (BEC) and blocks targeted phishing, malware, zero-days, account takeover (ATO) and insider threats across your enterprise.

It takes defensive actions before malicious content reaches user inboxes and before sensitive data leaks and alerts relevant personnel and products such as an admin, security analysts, EDR or SIEM about potential compromises for postdelivery remediation or recovery.

When using inline protection, no email, links or attachments can reach the inbox until CAS scrutinizes and decides they are 100% harmless.

Synchronous threat protection

Integration with the SonicWall Capture Cloud Platform security framework uniquely enables all SonicWall security solutions to work together for synchronous threat management.

This allows CAS to leverage the SonicWall Capture ATP service, the only threat detection offering that combines multi-layer sandboxing, to analyse suspicious attachments and files. Threats revealed are used to create countermeasures at one part of the defence chain, which then immediately benefits all other parts of the defence ecosystem in real time. The entire process significantly reduces the window of exposure and false positives.

CAS leverages the SonicWall Capture Advanced Threat Protection (Capture ATP) making it the only threat detection offering that combines multi-layer sandboxing to analyse suspicious attachments and files.
back to top