Cloud email security testing

πŸ—„οΈ Archive
1

Hi,

I will soon be testing Symantec email security (cloud) and wonder if anyone has any example test cases for similar projects.

I am not testing the product itself, more the user interaction, but am having trouble finding good information on what processes need to be tested.

Any advice/examples appreciated.

Thanks

1 Like
2

Cloud email security solutions are secure email platforms used to prevent phishing scams that trick users into divulging privileged information. However, Security as a Service (SECaaS) can most easily be described as a cloud delivered model for outsourcing cybersecurity services. Much like Software as a Service, SECaaS provides security services on a subscription basis hosted by cloud providers. Security as a Service solutions have become increasingly popular for corporate infrastructures as a way to ease the in-house security team’s responsibilities, scale security needs as the business grows, and avoid the costs and maintenance of on-premise alternatives.

So the platforms, hosted by the cloud email security vendor, also ensure emails containing links to malicious sites or trigger malware downloads are blocked before reaching the end user. Businesses use cloud email security solutions to prevent data loss and the release of privileges or credentials, and increase endpoint security by blocking malware and other web-based threats.

Cloud email security solutions are designed to provide comprehensive protection against email-borne cyber threats.

Critical features of a cloud email security solution include:

  • Anti-Phishing: Phishing attacks are growing increasingly sophisticated, making them difficult to detect and block. A cloud email security solution should be able to block even the most sophisticated attacks, such as impersonation and business email compromise (BEC).
  • Malware Protection: Email-borne malware may have built-in evasion techniques and protections to complicate detection and analysis. An email security solution should perform sandboxed analysis to identify hidden malware and rapidly deliver sanitized files.
  • Account Takeover Protection: Account takeover attacks are increasingly common with the rise of remote work. Behavioral analytics should be built into an email security solution to identify signs of anomalous or malicious behavior and take action to protect sensitive data and maintain regulatory compliance.
  • Data Loss Protection: Email is a common vector for data leakage, and companies have a wide range of sensitive data entrusted to them. Email security solutions should allow custom policies to protect sensitive data and support regulatory compliance efforts.