Select Page

Post Delivery ProtectionIdentify Malware Retrospectively and Delete It Automatically

A malware’s signature is still unknown the first time it appears. Once malware has entered the corporate network, it spreads quickly. Damage mitigation is required. Only by quickly identifying the affected recipient (“patient zero”) and the timely deletion of the infected email, major damage can be prevented from occurring.

The Challenge

Viruses, Ransomware, Phishing: New Threats Every Second

More than 450,000 new malware programs are registered worldwide every day (source: AV-Test). That’s an average of around 313 new variants every minute, with this trend continuing to rise sharply. Not even the best email security can initially stop the latest malware, because even the most up-to-date virus filters are not yet aware of them.

As a result, emails containing novel malicious code may be delivered to the inbox. With Retarus Patient Zero Detection® (PZD), however, previously unknown threats can be identified immediately and rendered harmless before the recipient opens them and possibly executes any dangerous attachment. The majority of PZD findings are identified and neutralized within a few minutes of delivery. With almost half a million new virus variants every day, this is a decisive advantage for further minimizing the risks of a cyber attack.

The Solution

Retarus Offers Post Delivery Protection from the Cloud

Retarus’ internationally patented Patient Zero Detection® can also retrospectively identify malware in emails that have already been delivered and warn recipients as soon as the corresponding signatures are available. In combination with PZD Real-Time Response, threats can be processed immediately based on defined rules in order to automatically delete potentially dangerous emails directly from the concerning mailboxes.

Here is how Patient Zero Detection® works: A digital fingerprint is generated for each incoming email’s attachment and securely stored in a database in Retarus’ cloud-based Email Security. This does not delay delivery. As soon as a virus scanner detects malicious code in a similar attachment at a later date, Retarus compares this “fingerprint” with all entries stored in the database. If the signature matches one already stored, administrators (and as an option, all prior recipients) are notified immediately. The infected email itself is deleted upon detection.

The Features

Retrospectively Identify and Delete Malware from the Inbox

With up to four parallel virus scanners and databases as well as sophisticated algorithms for Advanced Threat Protection, Retarus Email Security services defend against the majority of dangerous attacks before they reach your company network. Patient Zero Detection® as Post Delivery Protection goes one step further and even identifies malware and phishing emails that have already been delivered.

Patient Zero Detection®

InboundOutbound
A malware's signature is still unknown the first time it appears, even to the best virus scanners. In combination with 4-way AntiVirus MultiScan, Patient Zero Detection® uses a digital fingerprint to identify emails containing malware or phishing links that have already been delivered. Relevant alerts are sent according to customer settings. This way, appropriate defensive actions can be taken as quickly as possible.
  • Identification of the recipient ("patient zero") of malicious emails already delivered using a digital fingerprint
  • Alerts sent to administrators (to ensure a quick response)
  • Simplified IT forensics
  • Identification using content analysis together with advanced 4-way AntiVirus MultiScan
  • Security Center in EAS Portal delivers additional values to PZD hash library
  • Optional alerts sent to users
  • Supports the optimization of security settings (e.g., blocklist entries)
  • In-depth checks of email attachments by executing them in virtual machines
  • Additional, automated learning from the Advanced Threat Protection results
  • Cumulative reports for any given period of time
Patient Zero Detection®

Patient Zero Detection®

PZD Real-Time Response

InboundOutbound
Using Patient Zero Detection® Real-Time Response, Patient Zero Detection® results can be processed in a rule-based manner to identify and automatically move or delete potentially dangerous emails from a user's mailbox.
  • Detailed, standardized information via administrator notification to support automatic processes used to remove emails from the server
  • Configurable text for alerts (enables the distribution of behavior recommendations that are easy to understand and can be quickly implemented)
  • Reduces the administrative work for IT forensics, support, and the help desk
  • Increases the level of protection through immediate response to identified emails
PZD Real-Time Response - Rules

PZD Real-Time Response – Rules

PZD Real-Time Response - Settings

PZD Real-Time Response – Settings

Effective Protection from Cyber Attacks with Maximum Flexibility.

Retarus Essential Protection effectively protects your email infrastructure against threats such as malware, spam, phishing, or spoofing. For extended protection, we offer innovative modules as enhancements. They can be added à la carte according to your requirements.

Do you need a higher level of security for your inboxes? With Retarus Advanced Threat Protection, you are optimally equipped against even complex cyber attacks thanks to four parallel virus scanners, Time-of-Click Protection (URL rewriting), and CEO Fraud Detection.

Your email infrastructure can additionally be secured with market-leading sandboxing technology. Suspicious file attachments are executed in a partitioned virtual machine and deleted or quarantined if found.

For maximum protection, Retarus Post Delivery Protection enables subsequent identification of malicious code in emails that have already been delivered. With PZD Real-Time Response, dangerous emails can even be automatically deleted from your users’ inboxes.

Need a connection to your existing SIEM tools? No problem. Forensics SIEM integration delivers events in real-time through a protected interface, allowing you to supplement your data stream with email security details.

Good to know: Retarus’ Email Security Services are the perfect modular enhancement, offering additional protection for standard security components used by Microsoft 365 and Google Workspace.

Questions About Retarus Post Delivery Protection?

Request more information or test Retarus Email Security without obligation. We look forward to hearing from you.