Email Attack Simulation

A natural progression of the Trystero Experiment came through dialog with our colleagues and customers... can we connect the outputs of this experiment, to their specific email stack? It's an excellent idea and we've done just that. If you're interested in assessing your email security stack against the malware samples known to evade the default mitigations offered by Google and Microsoft, then get in touch. All we need is an email address and a forwarding rule:

At the end of every daily testing cycle, we take our validated list of evasive malware and send each one in a separate email to this newly created account. If that message forwards back to us, then we know we've got a transport layer bypass. You'll receive a daily report where we outline the bypass/blocked statistics, enumerate MIME distribution, reveal which AV/EDR had the best gap coverage specific to your environment, and provide some insights into the kinds of threats making it into your spool based on InQuest heuristic and malware labels. For more information see an example report and note that we can swap this plain-text report with a JSON one for the data hackers out there.

Identify gaps in your defenses that would go otherwise unnoticed... that is until there is an incident. Receive comprehensive daily reports detailing the kinds of threats that bypass your email defense and reach your users' inbox. Setup requires just a few minutes and an inbox, try it for a month free of charge and see how you stack up. No GDPR concerns, this is simply a security controls check. For further details, contact us or see our datasheet on InQuest Email Attack Smulation.