Select Page

Post Delivery ProtectionIdentify Malware Retrospectively and Delete It Automatically

A malware’s signature is still unknown the first time it appears. Once malware has entered the corporate network, it spreads quickly. Damage mitigation is required. Only by quickly identifying the affected recipient (“patient zero”) and the timely deletion of the infected email, major damage can be prevented from occurring.

The Challenge

Viruses, Ransomware, Phishing: New Threats Every Second

More than 450,000 new malware programs are registered worldwide every day (source: AV-Test). That’s an average of around 313 new variants every minute, with this trend continuing to rise sharply. Not even the best email security can initially stop the latest malware, because even the most up-to-date virus filters are not yet aware of them.

As a result, emails containing novel malicious code may be delivered to the inbox. With Retarus Patient Zero Detection® (PZD), however, previously unknown threats can be identified immediately and rendered harmless before the recipient opens them and possibly executes any dangerous attachment. The majority of PZD findings are identified and neutralized within a few minutes of delivery. With almost half a million new virus variants every day, this is a decisive advantage for further minimizing the risks of a cyber attack.

The Solution

Retarus Offers Post Delivery Protection from the Cloud

Retarus’ internationally patented Patient Zero Detection® can also retrospectively identify malware in emails that have already been delivered and warn recipients as soon as the corresponding signatures are available. In combination with PZD Real-Time Response, threats can be processed immediately based on defined rules in order to automatically delete potentially dangerous emails directly from the concerning mailboxes.

Here is how Patient Zero Detection® works: A digital fingerprint is generated for each incoming email’s attachment and securely stored in a database in Retarus’ cloud-based Email Security. This does not delay delivery. As soon as a virus scanner detects malicious code in a similar attachment at a later date, Retarus compares this “fingerprint” with all entries stored in the database. If the signature matches one already stored, administrators (and as an option, all prior recipients) are notified immediately. The infected email itself is deleted upon detection.

The Features

Retrospectively Identify and Delete Malware from the Inbox

With up to four parallel virus scanners and databases as well as sophisticated algorithms for Advanced Threat Protection, Retarus Email Security services defend against the majority of dangerous attacks before they reach your company network. Patient Zero Detection® as Post Delivery Protection goes one step further and even identifies malware and phishing emails that have already been delivered.

Patient Zero Detection®

A malware's signature is still unknown the first time it appears, even to the best virus scanners. In combination with 4-way AntiVirus MultiScan, Patient Zero Detection® uses a digital fingerprint to identify emails containing malware or phishing links that have already been delivered. Relevant alerts are sent according to customer settings. This way, appropriate defensive actions can be taken as quickly as possible.

  • Identification of the recipient ("patient zero") of malicious emails already delivered using a digital fingerprint
  • Alerts sent to administrators (to ensure a quick response)
  • Simplified IT forensics
  • Identification using content analysis together with advanced 4-way AntiVirus MultiScan
  • Security Center in EAS Portal delivers additional values to PZD hash library
  • Optional alerts sent to users
  • Supports the optimization of security settings (e.g., blocklist entries)
  • In-depth checks of email attachments by executing them in virtual machines
  • Additional, automated learning from the Advanced Threat Protection results
  • Cumulative reports for any given period of time
Patient Zero Detection®

Patient Zero Detection®

PZD Real-Time Response

Using Patient Zero Detection® Real-Time Response, Patient Zero Detection® results can be processed in a rule-based manner to identify and automatically move or delete potentially dangerous emails from a user's mailbox.

  • Detailed, standardized information via administrator notification to support automatic processes used to remove emails from the server
  • Configurable text for alerts (enables the distribution of behavior recommendations that are easy to understand and can be quickly implemented)
  • Reduces the administrative work for IT forensics, support, and the help desk
  • Increases the level of protection through immediate response to identified emails
PZD Real-Time Response - Rules

PZD Real-Time Response – Rules

PZD Real-Time Response - Settings

PZD Real-Time Response – Settings

The Security Level to Meet Your Needs

The security services offered by the cloud-based Retarus Secure Email Platform can be customized to meet your company’s security needs. Click on the individual modules to find out how they can increase your level of protection and security as well as complement your existing solutions.

Retarus’ modular Email Security services are suitable as a fully comprehensive and standardized protection of all your mailboxes and also for modular expansion of an existing solution. While Essential Protection provides critical basic functions for your email security, our Advanced Threat Protection protects and defends you against new and unknown types of targeted attacks. With market-leading sandboxing technology, you and your employees are protected applying state-of-the-art machine learning. The Forensics add-on enables integration into existing SIEM tools and makes relevant events available for central analysis.

Questions About Retarus Post Delivery Protection?

Request more information or test Retarus Email Security without obligation. We look forward to hearing from you.