E mail remains to be probably the most dependable means for an attacker to get inside your group. Not as a result of perimeter defences are weak — however as a result of electronic mail is designed to be opened. The actual query for any safety staff will not be whether or not threats arrive within the inbox, however whether or not they get stopped earlier than anybody can act on them.
Cisco Safe E mail Menace Protection (ETD) is constructed round that premise: intercept threats on the level of supply, decisively, with out disrupting the circulation of authentic communication. That promise was not too long ago independently validated. ETD earned the AAA award — the very best doable score — within the Could 2026 SE Labs Superior E mail Safety Analysis, reaching a 94% Complete Accuracy Score throughout all examined menace classes.
The Menace Panorama ETD Is Designed For
Trendy electronic mail assaults don’t arrive in a single taste. The organizations we shield face a relentless mixture of commodity phishing, evolving malware supply, and the far more durable downside of Enterprise E mail Compromise — assaults that carry no payload, no malicious hyperlink, only a convincing request from somebody who appears precisely like a trusted contact.
The impartial analysis examined ETD in opposition to all 4 of those classes concurrently, utilizing actual assault strategies modeled on energetic menace teams — from APT29’s ransomware-laden PDF campaigns focusing on analysis establishments, to FIN7’s backdoor malware focusing on retail and finance, to North Korea’s AppleJeus group operating drive-by obtain assaults in opposition to the cryptocurrency sector. These usually are not theoretical situations. They’re the precise strategies used in opposition to actual organizations right now.
Efficiency Throughout Each Menace Class
ETD detected 478 of 486 threats — a 98% detection fee. Extra importantly, each single menace ETD detected was additionally stopped or blocked earlier than it may attain the consumer. Detection with out motion will not be safety. ETD does each.
Phishing & Social Engineering — Zero Inbox Compromise
Phishing and social engineering collectively signify the very best quantity of assaults most organizations face. Towards 300 phishing makes an attempt — together with QR code-based quishing and evasion strategies utilizing Google Translation hyperlinks — ETD achieved 100% safety. Each electronic mail was quarantined underneath admin management or stopped outright. Not one reached an inbox.
The identical end result held throughout 100 social engineering samples: FBI impersonation scams, faux cost urgency requests, lottery fraud, fund beneficiary scams. Each one quarantined. None accessible to finish customers.
That is the place ETD delivers probably the most quick, measurable worth for safety groups. The best-volume assault classes are utterly neutralised — lowering alert fatigue, eliminating consumer threat publicity, and eradicating the necessity for subject-line warnings that workers be taught to disregard.
Malware — 97% Stopped Towards Nation-State Methods
Malware supply through electronic mail is a unique problem: evasive, polymorphic, and more and more tied to classy menace actors. Towards 60 malware samples — spanning ransomware supply from APT29 and APT-C-36, C2 backdoors from Gamaredon and Higaisa, and the FIN7 shellcode campaigns — ETD stopped 58. 22 have been stopped silently, 8 have been rejected with sender notification, and 28 have been quarantined for admin overview.
2 emails did attain the inbox. We’re clear about that. In each instances these have been superior, evasive samples. The 97% safety fee in opposition to nation-state-grade malware supply strategies is a robust end result — and the accuracy score displays the two misses with applicable penalty factors.
For organizations in vitality, monetary companies, authorities, and retail — the first targets of the menace teams examined right here — a 97% block fee in opposition to strategies particularly designed to evade detection represents a big discount in breach threat.
Enterprise E mail Compromise — The Hardest Downside in E mail Safety
BEC deserves a frank dialog. It’s the hardest assault class in electronic mail safety — for any vendor, any product, any structure. These assaults carry no malware. No phishing hyperlink. No attachment. A BEC electronic mail is, technically, a clear message. The menace is totally within the intent: impersonating a CEO to authorise a wire switch, or a provider to redirect a cost.
Towards 26 BEC samples — constructed utilizing look-alike domains and simulated provider relationships to imitate real-world assaults — ETD caught 20. That could be a 77% detection fee: 3 stopped, 13 quarantined, 1 rejected, 2 neutralised via content material enhancing, and 1 appropriately routed to junk. 6 reached the inbox.
77% is an sincere quantity, and it’s meaningfully forward of what unprotected Microsoft 365 or Google Workspace will catch on their very own. However no electronic mail safety product eliminates BEC totally. We advocate pairing ETD’s detection capabilities with government verification workflows for high-value monetary requests — a layered method that addresses the hole that know-how alone can not shut.
Safety That Doesn’t Get within the Method
A safety rating solely tells a part of the story. A system aggressive sufficient to dam all the pieces would rating completely on threats — and destroy productiveness within the course of. The steadiness between safety and usefulness is the place many merchandise fall brief.
Of 110 authentic messages despatched via ETD through the analysis, 99 arrived immediately within the inbox with none modification. 11 have been routed to junk — accessible to customers, not misplaced. Zero authentic emails have been blocked outright.
0 authentic emails blocked. Each message remained accessible. The 11 routed to junk have been reachable — a minor inconvenience, not a misplaced communication.
This steadiness — 98% menace detection alongside zero onerous false positives — is what the 94% Complete Accuracy Score displays. It isn’t a single metric optimised in isolation. It’s the mixed rating of catching threats decisively and maintaining the inbox useful.
What Impartial Validation Means for Your Safety Technique
Each electronic mail safety vendor publishes detection charges. What impartial testing supplies is one thing a datasheet can not: validation underneath adversarial situations, with actual menace intelligence, by a corporation with no stake within the end result.
The analysis used documented assault strategies from menace teams actively focusing on governments, monetary establishments, and demanding infrastructure. ETD’s efficiency in that context — not in a lab, not with sanitised samples — is probably the most dependable indicator of the way it will carry out in your atmosphere.
The AAA score displays well-rounded efficiency throughout the complete menace spectrum: decisive on high-volume threats, sturdy in opposition to refined malware, sincere in regards to the limits of know-how in opposition to BEC, and cautious to not over-block authentic communication. That’s the usual we maintain ourselves to — and the usual that impartial analysis confirms we’re assembly.
Learn the full report for extra perception into ETD’s complete electronic mail safety capabilities.
All efficiency information sourced from the SE Labs Superior Safety Take a look at Report — E mail (Safety), Cisco Safe E mail Menace Protection, Could 2026 (v1.0). Take a look at carried out 1–7 April 2026. SE Labs Ltd, ISO/IEC 27001:2022 Licensed.
