Mimecast & Solebit: Changing the Malware Protection Game

Just like there is no one way to catch a thief, there is no one way to catch malware. There are just so many ways to build, compile, pack, and otherwise obfuscate malicious files to get past specific detection techniques.

This is why Mimecast email security service uses many analytic techniques, including multiple anti-virus engines, file type blocks, static file analysis, and behavioral sandboxing, as well as multiple threat intelligence sources—to separate good files from malicious ones. And, of course, users need their emails and good files without delay! You can read a technical deep-dive on how we do this in our cloud security service.

In addition, there are multiple delivery vehicles for malware, which is why many security systems—whether they operate on email, the web, the network, in a cloud service or on the endpoint—need sophisticated malware detection capabilities to be effective in blocking malicious activity.

This brings me to our recently-announced acquisition of the anti-malware specialist Solebit. If you are an existing customer of Mimecast and are using Targeted Threat Protect (TTP) – Attachment Protect, you are benefiting from Solebit’s advanced malware protection technology today! Approximately six months ago we added Solebit’s static file analysis malware detection software to our email security inspection funnel in our global datacenters. As expected, we saw a marked increase in performance and detection efficacy with average processing times in TTP Attachment Protect dropping from 44 seconds to 23 seconds—a “two-for” benefit.

Rarely does cybersecurity performance and efficacy improve together, as they are typically in conflict with each other. But this is not true with Solebit.

Mimecast and Solebit for Increased Cyber Resilience

Mimecast plans to further utilize this technology to differentiate in other product areas. Solebit helps differentiate Mimecast today via its efficacy (stops more advanced threats) and speed of detection (much faster than traditional methods – like sandboxing suspicious files). Owning the company allows Mimecast to further innovate in the security detection area. We believe this technology is a critical piece to helping our customers become more cyber resilient.

With one purchase, we get access to dozens of security experts and open up a new development office in the security engineering hot spot of Herzelia, Israel in one transaction.

On the technology side, the purchase of Solebit provides Mimecast with even more advanced malware detection capabilities as we enter security spaces beyond secure email gateways. Notably, these include our recent public disclosure of our early adopter program and entry into the web security cloud services market. Given that both email and the web—often working together—are used to deliver and operate malware, such as ransomware and trojans, owning and continuing to develop key anti-malware technology will be key to the continued success of the Mimecast offerings, both current and future.

So now you know. With the acquisition of Solebit, Mimecast takes another major step toward delivering on our vision of providing a “super category” of cyber resilience solutions from a global, cloud-based service.