Connect with us at the Gartner® Security & Risk Management Summit June 9-11. Learn More

Request a Demo

Connect with us at the Gartner® Security & Risk Management Summit June 9-11. Learn More

Request a Demo
Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Microsoft Security
Unlock the full power of Microsoft Security
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP

Why Microsoft Email Security Benefits from a Layered Approach

2 Minute Read

The best secure email gateways mimic the tried and true “defense in depth” cybersecurity strategy by using a layered approach, including advanced features that make effective use of AI.

The results are compelling, especially when two email security tools are used together, such as employing an additional secure email gateway to augment Microsoft Defender for Office 365 email security.

It's tempting to rely solely on the security tools Microsoft offers to detect spam, malware, phishing, and other email threats, especially for organizations under the E5 license that includes such offerings. But tests show the combination of layering MailMarshal on top of Microsoft M365 (E3 or E5) reduces email-based threats within your environment by more than 99%. (Read more about the benefits of using MailMarshal with Microsoft 365).

Microsoft is the de facto standard for email and collaboration tools, which makes those tools a primary target for threat actors trying to trick unsuspecting users into revealing their credentials. And all it takes is a single success to cause a major breach across your business.

 

Next-Gen Email Security Features

A layered approach to security, combined with the strategic use of AI, can help companies fight back.

At a minimum, any secure email solution should include technologies including:

  • Proprietary phishing and business email compromise (BEC) protection layers.
  • Checking the IP reputation of a sender, such as by using a third-party reputation service that lists email servers associated with spamming, open relays, and other nefarious behavior.
  • Checking each email against a database of signatures of reported spam based on a combination of factors, including user reports and source reputation.
  • SPF, SKIM and DMARC configurations.
  • Multiple anti-virus engines.
  • Ability to detect both known and zero-day threats.
  • Sandboxing.
  • Email policy settings.

Consider those features table stakes. More advanced secure email gateways will include protections that employ AI and machine learning (ML) capabilities.

Trustwave MailMarshal, for example, employs multiple AI/ML engines for varying purposes. Its image analyzer feature, for example, uses AI algorithms to interpret visual content and detect patterns that indicate threats, including malicious QR codes, or quishing. MailMarshal’s sandboxing capability employs AI algorithms to recognize patterns and anomalies to identify malware threats that may not be evident through traditional signature-based methods.

MailMarshal also employs PageML , a Trustwave-developed URL scanning system that combines machine learning (ML), deep learning, and human-made heuristic rule elements to identify suspicious URLs and webpages. In short, PageML goes further than tools that rely solely on reputational checks to identify suspicious URLs and web pages, helping protect clients against the unknown.

 

M365 + MailMarshal: Defense in Depth

Combining the proprietary defense filters in Trustwave MailMarshal with the built-in security protections in Microsoft 365 and Microsoft email security delivers unprecedented detection.

Trustwave conducted tests with an organization of some 3,000 full-time employees that collectively receive about 100,000 emails per day, or around 36.5 million per year. The organization’s Microsoft E5 Defender for Office tool missed 618 threats (malware, phishing and BEC) over the span of a year. However, MailMarshal caught all but six of the threats that Microsoft missed. That means layering MailMarshal on top of Microsoft security reduced the threat risk by more than 99%.

 

TWBlog-050225-Layered

 

It takes only a single threat to cause real damage, so even a slight percentage increase in threats caught can be significant. Given that, the kind of threat reduction achieved by layering MailMarshal on top of Microsoft email security tools is substantial, making for a compelling business case.

MailMarshal has been delivering this kind of success for 25 years, during which time not a single client has reported a ransomware infection or major incident.

Learn more about MailMarshal and how its layered approach can help protect your organization from email-borne threats.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Perspectives Vulnerabilities Microsoft Security Email Security

Latest Intelligence

Why Offensive Security Is Crucial for Retail Resilience
From Facebook Ad to Near Breach: The Power of Threat Hunting in Modern MDR
UK Cyber Security Survey 2025: Ransomware on the Rise, Phishing Still Reigns

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo