The mechanism to insert disclaimers (i.e., banners) into inbound emails has been enhanced dramatically.

Now, you have complete freedom over all your disclaimers in one easy-to-use dashboard. You can preview, enable and disable them directly from the settings tab in your X-Ray account. 

You can customize how they will appear (the design) and who will see them at what time with our Complimentary Concierge Service.

Out of the box disclaimers (you can ask for additional disclaimers based on your needs) include:

• External. Displayed when an email is sent from someone outside the organization. 
• External - First Time. Displayed when an email is sent from someone outside the organization who is sending an email for the first time to the user.  
• Unscanned Password Protected. Displayed when an email includes a password-protected file that was only partially scanned.                                                           
• Display Name Deception. Displayed when an email is sent from a user impersonating someone in your organization.                                                          
• Spoofed Domain. Displayed when an email is sent from a domain impersonating another domain.                    
• Different Origin. Displayed when an email is sent from someone who is sending the email from a different path than his usual.    
• SPF Hard Fail. Displayed when an email is sent from IP that is not authorized for the domain it was sent from Disable.

VIP users are more vulnerable to impersonation attacks, making it extremely important that you stay on top of these accounts quickly and easily. 

You can now see which users are defined as VIP and Display Name Protected in X-Ray and you can add/edit them by yourself.

Access the VIP users screen from the top menu on the right.

To provide you with all the information you need to make data-driven decisions, we made it easy for you to see the top threats in a convenient way--in lists directly from your Insights Dashboard that can expand from 5 up to 100. These lists feature the 100 most attacked people, the 100 most malicious senders, and the 100 most impersonated brands.

It's now possible to do an advanced search of all scans to search for the following:

• Password-protected files that have been opened and scanned already
• Password-protected files that have not been opened and have only been partially scanned.

This new advanced search option is in addition to the options to search files by name, hash, type and mime type.

With X-Ray you can easily check whether files are clean or malicious using the self-analysis option.

You can also provide a password to make sure password-protected files are fully unpacked, so they can be scanned using both static and dynamic engines, making sure you receive the right verdict.

Unlike any other service, Perception Point offers your security team a direct link to our Incident Response team. Using the Request Investigation option in X-Ray, you can easily alert us about any email you think we got wrong, and we’ll take immediate action.

With our Office 365 and G Suite apps, we have taken this option to the next level by also allowing end-users to report on any suspicious email as well—both to your security team and to our Incident Response team, which will take the necessary measures.

For all emails marked as malicious, you will receive a detailed report. The system will then automatically retrieve all similar emails from all relevant email boxes—closing the remediation loop quickly.

The end-user reporting option is also available with the Microsoft Report Message Add-In. There's no need to install Perception Point's application. The only thing you have to do is configure a mailbox destination for the reports. Each will automatically be converted into “request investigation.”

https://appsource.microsoft.com/en-us/product/office/WA104381180

Internet Content Adaptation Protocol (ICAP) is a lightweight request/response-based protocol for executing a "remote procedure call" on HTTP messages.

ICAP servers are being used by various applications and are mainly used for virus scanning and content filtering.

We have now expanded our coverage to a countless number of channels by supporting ICAP, providing next-gen threat prevention against file-based attacks.

 X-Ray application is now available in the CrowdStrike Store. The application provides advanced holistic threat-containment solutions. 

The new containment process is simple and effective. When an attack is detected by the Falcon platform it notifies the X-Ray. The X-Ray automatically scans all organizational content-exchange channels (e.g., e-mail, cloud storage, CRM), to which it is connected, to map the extent of the breach, and immediately contains further transmission by deleting the content from all relevant places. 

VIP users are more vulnerable to impersonation attacks, making it extremely important that you stay on top of these accounts quickly and easily.

Now, we've made it even easier to stay on top of them. You can easily filter scans to see only VIP users and handle them faster.

You may need to contact our team to make sure the right users are defined as VIPs.