Kaspersky has announced a significant update to its Kaspersky Security for Mail Server, designed to strengthen systems against emerging email threats. The latest version of Kaspersky Security for Mail Server features advanced functionality for content filtering, quarantine management, and enhanced visibility for Security Operations Centers (SOC).
A study conducted by Kaspersky revealed that 77% of companies worldwide and 78% in the Middle East, Turkiye and Africa (META region) have experienced at least one cyber incident in the past two years, and 21% (29% in META) of these incidents were attributed to employees falling victim to phishing attacks.
As these statistics only capture incidents where employees responded to phishing attempts, the actual volume of external attacks through corporate email is likely much higher. To address the growing email threat landscape, Kaspersky has significantly reinvigorated its Kaspersky Security for Mail Servers.
The latest Kaspersky Security for Mail Servers update is enhanced with advanced content filtering capabilities. Administrators can now create complex filtering rules based on keywords present in the subject lines of emails, their main texts, as well as on the sender, and attachment names. Additionally, it now supports filtering by hidden headers in plain text of emails.
With the new version of the product, administrators can create dictionaries of allowed keywords and prohibited ones to optimise filtering rules for different user groups, for example. Changes made to these dictionaries centrally apply to all associated filtering rules, ensuring consistency and efficiency in managing mail security.
Kaspersky Security for Mail Server now also includes DLP (Data Leak Protection) features to monitor outgoing emails for sensitive data. Administrators can create regular expressions that match patterns of certain kinds of data formats (e.g. credit card numbers) to detect and block their transmission, mitigating the risk of data leaks. Restrictions apply to sending emails to mailboxes outside the organisation, but administrators can also configure a restriction on sending this type of data between specific departments within the company.
The latest version of Kaspersky Security for Mail Server provides SOC teams with comprehensive information on blocking events, including details of the attachments, results of their scans, and verdicts on blocked links. This enhanced visibility enables SOC analysts to better correlate events and strengthen incident response strategies.
Administrators can now benefit from advanced quarantine functionality, allowing them to view quarantined emails in their original format directly from the console. This feature simplifies the quarantine management process, providing administrators with greater transparency and control over potential mail threats.