What is Email Security?
Email Security protects the content of an email account or service and limits access to it.
Our Email Security products
- Email Security
1 – Identify
Develop the organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities.
2 – Protect
Develop and implement the appropriate safeguards to ensure delivery of critical infrastructure services
3 – Detect
Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event.
4 – Respond
Develop and implement the appropriate activities to take action regarding a detected cybersecurity event.
5 – Recover
Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.
– Real-time Anti-malware Scanning
– Incorporate multiple layers of scanning such as online threat detection, reputation and heuristics to block viruses in email attachments. Anti-spam Filtering
– Real-time anti-spam and anti-phishing protection for inbound and outbound email removes spam, potentially harmful emails, time wasting messages and bogus messages. Outbound Protection
– In the event of a spam outbreak on your network, CensorNet Email Security can protect outbound email volumes to help contain the problem. Safe and Deny Lists
– Create company-wide or personal (per user) Safe & Deny lists. Rules Engine
– Numerous conditional triggers are available to control email delivery. Messages can be filtered based on size, keywords, spam score, time, source, destination, attachments and more. Dictionary Filtering
– Create an unlimited number of “dictionaries” which may contain text strings such as email addresses or keywords and be used as part of the rules engine to trigger actions. Transport Layer Security (TLS).
CensorNet’s Email Security is a cloud based solution which provides the tools you need to keep your organization safe from email threats. It protects inbound and outbound emails by using multi-layered security combined with a sophisticated intuitive rules engine, which includes a mechanism to defeat threats like ransomware so enabling your organization to continue working, safe in the knowledge that all email activity is secure.
Better protected 24×7
Complex rules. Made easy.
No hardware. No software.
When email goes down, work goes on.
Quick and Easy Deployment – Redirect domain MX records to CensorNet Email Security cloud. CensorNet Email Security will then forward clean messages to the local email server.
Web Application Firewall (WAF)
Enterprise-class Web Application Firewall.
- Ability to meet appliance PCI DSS requirements
- Protection against all OWASP Top 10 and / or PCI DSS Requirement 6.5
- Ability to allow, alert or block web application input based on rules
- Prevent data leakage or cardholder information
- Enforce both whitelisting and blacklisting
- Inspect all web page content, e.g. HTML, DHTML, CSS over HTTP/HTTPS
- Inspect web services messages, e.g SOAP and XML
- Defend against direct threats to the Web Application Firewall
- Support SSL or TLS termination
Zenedge Web Application Firewall (WAF) service is a PCI DSS Compliant robust solution and can be utilized for our customers to comply with PCI DSS by making Requirement 6.6 easy and stress-free for your team. PCI requirement6.6 was designed to directly address the threat against Ecommerce web applications and in general applications capturing credit card numbers. A Web Application Firewall wil not only provide an extra layer of protection against software vulnerabilities that may be inadvertenltly created by the web development tem, but also any inherent software vulnerabilities that may be built into the vendor web application itself, especially zero-day vulnerabilities where the vendor does not have a patch released yet. As a bonus, it’s all that’s required to satisfy PCI DSS 6.6.
Cloud based, Network Layers 3,4,7. Can do website vulnerability assessments, have template for presenting results.
Unified Security Service
Censornet USS enables you to monitor and control Web, Email and Cloud Application use to provide complete security for your organisation from one dashboard.
- Cloud Application Visibility
- Cloud Application Control
- Safe anywhere on any device
- Safe Web Access
- Email Security
- Safe from Malware
- Analytics across email, web and applications
- Fast and Unobtrusive
Censornet USS enables you to monitor and control Web, Email and Cloud Application use to provide complete security for your organisation from one dashboard. You can protect your employees, whether in the office or mobile, against cyber-attacks, and accidental or malicious leaks of sensitive data. Keeping your organisation safe from from the risks associated with the rapid growth in cloud applications, and the emergence of Shadow IT. USS is a comprehensive cyber security service that combines modules for the security, monitoring and control of web, email and cloud application across your network in one dashboard and logging service, meaning that common policies can be easily applied and incidents tracked across different media. USS provides the security and control of an on-premise or end point component with the flexibility and mobility of a cloud service. It is the next generation in Email and Web security with Cloud Application Control giving you the power to extend web access policies to Bring Your Own Device initiatives and to monitor and control Shadow IT.
- Software for Networks
- Available as a downloadable software, CensorNet’s Cloud Gateway software can be deployed on a virtual server or physical server in less than 30 minutes to extend security policies to the entire network
- Agent Software for Roaming Users or Standalone Devices
- Microsoft Windows agent that enforces policies on the device. Tamper proof and simple to deploy either with an install wizard or scripted via Active Directory Group Policy. Mac OS X version will be available soon.
- Secure Browser for iOS
- A secure browser app for iOS6 and above provides an alternative to Safari which extends the web access controls to the mobile device
- Highly optimised for large networks, the solution takes advantage of multiple processors, all available RAM and has a 64-bit architecture
- Deployment Modes
- Agent software, Direct proxy (set by group policy, WPAD or manually), or gateway mode for guest, BYOD or non-domain devices
- WPAD Support
- Automatic creation of Web Proxy Automatic Discovery (WPAD) file based on network configuration
- BYOD Captive Portal
- The Captive Portal allows existing users or guests to adopt BYOD and log in from those devices with valid user credentials e.g. Active Directory
The overall objective of penetration testing is to provide an independent and reliable view of the security of the internet-facing infrastructure of an IT environment.
Penetration testing is recommended annually, and in the event of major changes to your infrastructure. It is essential for companies holding intellectual property, information linked to personal identities, or financial information such as credit card data – and is often mandated by regulators. Penetration testing will help:
- Prevent severe financial losses that could arise due to unreliable infrastructure or fraud
- Provide the necessary proof of due diligence for regulators, customers, and shareholders
- Protect the brand from the dreadful loss of reputation
Penetration testing is a crucial element in securing your IT systems. Our team of experts can simulate an attack on multiple levels to determine whether sensitive data is at risk. The overall objective of penetration testing is to provide an independent and reliable view of the security of the internet-facing infrastructure of an IT environment. The assessment identifies weaknesses and vulnerabilities and quantifies the severity thereof – providing the information needed to address and control the threats.
Penetration testing is a ‘mock’ or staged attack to identify vulnerabilities in information systems. Our testers, ‘white hat hackers’, put themselves in the position of someone determined to gain access to resources without knowledge of usernames, passwords and other normal means. Like a hacker or cyber criminal, they try every trick in the book, every possible plan of attack. They find the ways applications could be modified, and confidential information such as price lists or customer databases stolen or subverted. They then provide a report – explaining how they ‘broke in’ and how an organisation can avoid it happening ‘for real’.