BitDam ATP for Email is a detection and prevention solution that scans content in the cloud, before delivery, across all channels and all apps in one place. It fetches files and links, scans them, and quarantines those that are malicious. Solutions are integrated with BitDam through the API.
The detection engine features CPU-level application learning to build a whitelist for applications like Microsoft Word, Adobe Reader and Chrome. Learning how they operate at the CPU level allows for monitoring opcodes and dynamic analysis. It is agnostic to any attack form, behavior and evasion technique.
BitDam makes it safe to click links by proactively stopping applications from executing alien code. It blocks attacks at their source for known and unknown vulnerabilities, hardware and logical exploits, and N-Day and Zero-Day attacks. It features an execution validation that characterizes documents with colorful flow. A weaponized file, alien code that does not belong to a whitelist, is added to the blacklist and marked as malicious.
BitDam prides itself on fast detection, blowing the six-day response time of other vendors out of the water. The company makes cybersecurity proactive with high detection rates, forever-protected applications (no security updates necessary to detect new attacks), immediate attack blocking pre-delivery with low 15-second latency, and near-zero false positives.
The dashboard is clean and features colorful graphics that allow users to delve into different components for information like raw data and the attributes that identified blocked files as malicious, including a Flash exploit and the ability to detect a zero-day exploit.
Users can open a malicious payload in VirusTotal and download it as a zip file to see the flow, a graphical representation of all the flows inside the application. This is extremely important for investigative purposes.
The management page shows who is permitted to view the dashboard and can be used to invite new users, change roles, add two-factor authentication (2FA), and enable or disable the features users are permitted to access. With permission, users can generate API tokens using the REST API.
The emails page features counters for categories like amount quarantined or transferred and includes a trend chart showing traffic over time with attachments.
BitDam told us it has plans to expand support and collaboration to include self-service support to make investigating the roadmap easier. What we saw during the demo was very messy and hard to read. The company is working to make it more understandable and user-friendly. When cleaned up, we believe this will be a good addition to the visibility the customers have into their email security posture.
Allowing partners to work with the product is a challenge for SOC teams, and BitDam is trying to improve that aspect, making it a primary objective to expand the partner view to include more participation capabilities through the dashboard.
Pricing begins at $1-$2 per address, per month. BitDam also includes volume pricing. Support is available at no cost, 8/5. Extended Support is available 24/7 for an additional $1 per user, per year. Support types include phone, email and a website widget that will soon be added to the dashboard. Online support with how-to documentation assists with integrations.
Tested by Matthew McMurray