To enhance Perception Point's ability to prevent risky files from reaching end users, Perception Point manages a list of restricted file types, for example, executable files. Files of a restricted type can be blocked by Perception Point - regardless of whether the files are clean or malicious. Perception Point can block these file types even if the files are inside an archive file or behind a URL.

To block restricted file types, you need to first specify that these file types should be blocked. This is done in the list of verdicts to be quarantined, under Settings -> Preferences -> Detection.

Perception Point X-Ray lets you view the default list of restricted file types. If required, you can now manage your own set of restricted file types.

To manage your set of restricted file types, hover over your name on the right of the X-Ray toolbar, and then click Settings. Click Preferences, and then scroll down to the Restricted File Types section.

At Perception Point, we are continually improving our ability to detect malicious content in the files that we scan. We improved our MSI file scanning by adding the ability to unpack the MSI files in order to be able to extract and detect malicious payloads inside these files - in addition to the scans that we previously performed. 

This enhanced MSI detection functionality is automatically made available to all users of Perception Point - thereby further improving your email protection. 

Scans performed by Perception Point’s AES [Advanced Email Security] and ABS [Advanced Browser Security] can now be linked inside X-Ray. This means that if a URL was included somewhere inside an email, and the same URL was also accessed independently using an ABS-protected browser, the two resulting independent scans are now linked. This improves your ability to analyze the information from both scans.

You can access the linked scans under Extracted Path in the details view of the Scans page.

Conversation hijacking attacks occurs when bad actors insert themselves into ongoing email conversations - creating misconceptions that make the legitimate participants of the conversation believe that the hijackers are also legitimate participants.

Perception Point’s scanning engines now include the ability to detect conversation hijacking attempts. When a conversation hijack attempt is detected by Perception Point, the associated email is assigned a malicious scan verdict.

The new conversation hijacking detection functionality is automatically made available to all users of Perception Point’s email security.

Perception Point's new Sender Profiler gives you real-time insight into the traffic and reputation associated with the sender of each scanned email. The sender of an email is broken down into multiple components, and each component is analyzed separately, and where beneficial, together with other associated components.

• Traffic insights: The Traffic insights chart lets you see details of the traffic associated with an email sender, broken down by component, and displayed per verdict.
• Reputation analysis: The Reputation analysis spider-graph displays a real-time graphical representation of the data from Perception Point's reputation algorithms. Hover your cursor over the graph to show additional information.

The Sender Profiler is available for all email scans that have a spam or malicious verdict.

In the Insights page inside X-Ray, you can now configure the Top-X component that defines which attack vectors are shown. You can specify the attack options that will appear in the Top-X component, and the order in which these selected options will appear.
To configure the Top-X component, click the Settings icon on the right of the Top-X attack component.

We are continuously improving our ATO [account takeover] detection capabilities for Microsoft 365. The ATO detection functionality now analyzes additional inbox rules - such as "move to folder" and "delete messages" - to detect suspicious activity.

To implement ATO detection for Microsoft 365 in your organization, contact your Customer Success Manager at Perception Point.
 

The scan process control flow diagrams that are included as evidence in HAP scans now include code injection elements. This additional evidence helps you to better understand how an attacker is trying to perform malicious activities.

Web security is now part of the Perception Point portfolio - with our new Advanced Browser Security offering, adding enterprise-grade security to native Chrome and Edge browsers.

Advanced Browser Security delivers the unprecedented ability to isolate, detect, and remediate all malicious threats from the web, including phishing, ransomware, malware, APTs, and more, while also securing access to sensitive corporate apps, preventing data loss (DLP) by design on both managed and unmanaged endpoints.

Easily deploy via an isolated, secured Chrome or Edge browser or a browser extension, with no added cloud infrastructure or data center expenses.

For more information about Advanced Browser Security, see our Advanced Browser Security plans or contact your Customer Success Manager at Perception Point.