About Deep Discovery Email Inspector

Deep Discovery Email Inspector stops sophisticated targeted attacks and cyber threats by scanning, simulating, and analyzing suspicious links and attachments in email messages before they can threaten your network. Designed to integrate into your existing email network topology, Deep Discovery Email Inspector can act as a Mail Transfer Agent in the mail traffic flow or as an out-of-band appliance silently monitoring your network for cyber threats and unwanted spam messages.

What's New

Table 1. New Features in Deep Discovery Email Inspector 3.6

Feature

Description

MITRE ATT&CK™ Framework Tactics and Techniques information

Deep Discovery Email Inspector includes MITRE ATT&CK™ Framework Tactics and Techniques information in analysis reports.

Email Encryption

Email Encryption allows Deep Discovery Email Inspector to perform the following tasks based on policy settings:

  • Decrypt messages encrypted using Trend Micro Identity-Based Encryption (IBE) for scanning

  • Encrypt messages for secure delivery in MTA mode

Enhanced email submission

Deep Discovery Email Inspector supports MSG sample files for email submissions.

Enhanced policy settings

You can configure policies in Deep Discovery Email Inspector to scan messages based on the message direction (inbound, outbound, or inbound or outbound).

Deep Discovery Email Inspector determines the direction of a message using the internal domain list that you configure.

Internal domain list

The internal domain list allows Deep Discovery Email Inspector to determine the message direction for policies.

Deep Discovery Director 5.1 support

Deep Discovery Email Inspector supports integration with Deep Discovery Director 5.1 to enable the following:

  • Central management of file passwords and Email Encryption settings

  • Synchronization of file SHA-1, file SHA-256, and URL suspicious objects

  • Server port configuration for Deep Discovery Director registration

Deep Discovery Email Inspector also sends logs with email encryption results, and YARA rule detection and message direction information to Deep Discovery Director for central reporting.

Enhanced Virtual Analyzer

The Virtual Analyzer has been enhanced to include the following features:

  • New file types (.mht, .com, and .ics) for sandbox analysis

  • Windows 10 RS4, RS5, and Enterprise 2019 LTSC image support

  • Microsoft Office 2019 application support in Virtual Analyzer images

  • URL submission filtering

Enhanced YARA rule feature

The enhanced YARA rule feature includes the following on the Detections screens:

  • YARA detection information

  • YARA rule file name and YARA rule name filtering

Improved detection capability

Deep Discovery Email Inspector provides increased protection by improving its detection capabilities. This release supports the following:

  • Executable object removal from Microsoft Office files for file sanitation

  • File SHA-256 suspicious objects for message scanning

  • Virtual Analyzer submission priority setting for threat policy rules

File password export

Deep Discovery Email Inspector allows you to export all file passwords to your computer.

New action for unscannable messages

For unscannable messages that are quarantined, you can set Deep Discovery Email Inspector to open password-protected attachments using specified passwords and perform threat scans on messages.

New alert notification

Deep Discovery Email Inspector provides a new alert notification for unsuccessful message encryption and decryption.

Management console session timeout

Deep Discovery Email Inspector allows you to configure the default session timeout for the management console.

Inline migration support

Deep Discovery Email Inspector provides users with the option of automatically migrating the settings from the following versions to 3.6:

  • Deep Discovery Email Inspector 3.5

  • Deep Discovery Email Inspector 3.2

  • Deep Discovery Email Inspector 3.1