How Does Symantec Email Security Stack Up Against the Competition?  

11-28-2017 12:16 PM

Email is by far the most popular method for attackers to spread malware and breach organizations, as the ubiquity of email and ease of impersonation make email attacks lucrative for cybercriminals. These attacks have evolved beyond basic spam and phishing emails to new, sophisticated email threats such as ransomware, spear phishing, and Business Email Compromise.

These attacks are frequently targeted and use social engineering to trick vulnerable users into downloading malware, clicking on suspicious links, or falling for scam emails. They also leverage complex smokescreen techniques to avoid detection, such as hiding malware in innocuous-looking documents, obfuscating malicious links, or typosquatting email domains.

As email threats become increasingly advanced, organizations need a solution that effectively and accurately blocks new, sophisticated email attacks. Symantec protects your business from advanced email threats with Symantec Email, a cloud-based email security solution.

Comparing Symantec to the Competition

At Symantec, we strive to continuously innovate and improve the efficacy and accuracy of our solutions. This includes testing to evaluate our solutions against products from other vendors, which helps us to constantly push ourselves and deliver new advancements to customers. As a result, we recently conducted an internal test to measure the threat detection capabilities of Email against other industry solutions.

We tested Email against email security solutions from Proofpoint, Microsoft, and Mimecast. In this test, we sent a total of 1,900 emails, which included a combination of malware, phishing, spam, bulk, and clean emails, to each email security solution over a period of 15-25 days. We maintained a ratio of 12:1 clean (which includes bulk mail) to bad (malware + spam) emails in this test.

The results (see Figure 1) show that Symantec remains the leader in effectiveness and accuracy for email threat detection. Of all solutions tested, Symantec Email had the highest effectiveness (98.77% detected) and the highest accuracy (0.00% false positive rate).



Why Does Symantec Come Out Ahead?

Many of the solutions we tested use standard technologies such as anti-virus signatures, blacklisted domains, and reputation analysis to block email threats. In contrast, Symantec takes a unique approach to email security by using advanced heuristics, link following capabilities, and intelligence from the world’s largest civilian threat intelligence network to protect against email attacks.

First, Email leverages advanced heuristics to stop new and crafted email malware such as ransomware. These predictive technologies effectively identify new or crafted threats by examining every aspect of an email for malicious behavior. This includes email characteristics such as delivery behavior, message attributes, attachments, and social engineering tricks. Moreover, these capabilities detect new variants of ransomware by using deep code analysis to determine if an email contains any components of malicious code (since attackers often reuse code in new malware). Additionally, these advanced heuristics sniff out obfuscated malware, since they utilize file decomposition techniques to uncover malware hidden within attachments such as Office documents, ZIP files, or PDFs.

Next, Email uses comprehensive link following technology to provide the strongest protection against spear phishing links. Unlike most vendors, who rely on reactive blacklists or signatures to stop spear phishing links, Symantec follows and evaluates suspicious links in real-time before an email is even delivered. This is significant because many spear phishing attacks contain brand-new links that signatures or blacklists will typically miss. While some solutions will follow redirected links for one or two hops, Email follows links through multiple hops to their final destination, even when evasion techniques such as shortened URLs or time-based delays are used. Furthermore, any files found at the final destination link are downloaded and scanned by our advanced heuristics to determine if they are malicious.

Finally, Symantec identifies the most stealthy and persistent threats through insights from the Symantec Global Intelligence Network, the world’s largest civilian threat intelligence network, which provides global visibility into the threat landscape. With over 175 million endpoints, 80 million web proxy users, and 57 million attack sensors across 157 countries, the Symantec Global Intelligence Network helps deliver better security outcomes by collecting and analyzing massive amounts of intelligence.

Driving Innovation for Customers and the Industry

When combined, these capabilities result in the most effective and accurate email security solution in the industry. We’re always looking to improve this solution through our competitive tests, which help us strengthen and enhance our solution to stay ahead of the latest threats and continue to be a trusted cybersecurity partner for customers.

