Egress has added advanced graymail detection capabilities to its cloud security offering. It is part of Egress Defend, and integrates into customers’ Microsoft 365 environments. The company claims it will improve employee productivity and reduce time spent reviewing false positive reports of phishing emails.
Tony Pepper, CEO of Egress, commented, “Graymail is an increasing drain on everyone’s time throughout an organization. From individual users through to IT and Cyber teams, who are often functioning with extremely tight resources. The launch of our advanced graymail detection within Egress Defend will boost productivity and free up valuable time across the business.
“While people are generally more cybersecurity-savvy than ever before, with this comes a high propensity for false alerts that take time to investigate. We’re excited to put this release in our customers’ hands and increase the value we can offer to them.”
What is graymail?
Egress says “Graymail is bulk solicited emails which are generally low priority and not malicious phishing attacks or unsolicited spam. On average, 34% of a user’s inbox can be classified as graymail.” That figure rises, claims Egress, to 54% of an executives mailbox. It goes on to say that only 3% of messages are ever opened.
For most people, that means they have signed up to a mailing list. It does not mean they have signed up on the internet, it could be they have attended a trade show and visited a stand where their ID was scanned.
Egress has identified a number of problems with graymail. One is that important emails are masked by the volume of graymail. Another is the time spent filtering the graymail or reading it instead of working. A more serious concern, however, is the reporting of graymail as spam. It results in cybersecurity teams spending time trying to verify the authenticity of the email.
What has Egress developed?
The Egress advanced graymail detection solution uses AI to tell the difference between real and threat. It is based on Egress’ patented phishing detection functionality. The company says it “uses zero trust models and neural networks to prevent behavioral-based threats. Applying this methodology, Egress surfaces priority messages within the inbox, while segmenting graymail into a separate folder.”
What is important here is that this isn’t a one-size-fits-all. When an email is determined to be graymail, it has an interactive banner attached and is moved to a separate folder. It allows each employee to take advantage of a simple workflow to decide what will happen to that email in future.
Another interesting feature here is the behaviour of Defend. It learns users’ preferences to speed things up. It will then use that information to speed up the customisation of graymail for each user.
Enterprise Times: What does this mean?
It is all too easy to get onto mailing lists without realising it. Some sites and services make it part of their sign-up process to get users to accept email marketing and newsletters. While Egress provides details on the volume of graymail in email boxes and how much is read, it doesn’t give any data on how many unsubscribe from graymail.
Irrespective of that, the volume of graymail is a problem that most email security vendors are trying to solve. Using AI and letting it learn from users’ preferences should start to reduce the amount of emails getting hidden inside graymail.
Just as importantly here, this is about reducing unnecessary time spent by cybersecurity teams dealing with false reports.