{"id":17114,"date":"2026-06-16T15:40:00","date_gmt":"2026-06-16T15:40:00","guid":{"rendered":"https:\/\/dmsretail.com\/RetailNews\/independent-testing-confirms-secure-email-threat-defenses-email-security-strength\/"},"modified":"2026-06-16T15:40:00","modified_gmt":"2026-06-16T15:40:00","slug":"independent-testing-confirms-secure-email-threat-defenses-email-security-strength","status":"publish","type":"post","link":"https:\/\/dmsretail.com\/RetailNews\/independent-testing-confirms-secure-email-threat-defenses-email-security-strength\/","title":{"rendered":"Independent Testing Confirms Secure Email Threat Defense\u2019s Email Security Strength"},"content":{"rendered":"

\"Retail<\/a><\/p>
\n<\/p>\n

\n

Email is still the most reliable way for an attacker to get inside your organization. Not because perimeter defences are weak \u2014 but because email is designed to be opened. The real question for any security team is not whether threats arrive in the inbox, but whether they get stopped before anyone can act on them.<\/p>\n

Cisco Secure Email Threat Defense (ETD) is built around that premise: intercept threats at the point of delivery, decisively, without disrupting the flow of legitimate communication. That promise was recently independently validated. ETD earned the AAA award \u2014 the highest possible rating \u2014 in the May 2026 SE Labs Advanced Email Security Evaluation, achieving a 94% Total Accuracy Rating across all tested threat categories.<\/p>\n

The Threat Landscape ETD Is Designed For<\/h2>\n

Modern email attacks do not arrive in one flavor. The organizations we protect face a constant mix of commodity phishing, evolving malware delivery, and the far harder problem of Business Email Compromise \u2014 attacks that carry no payload, no malicious link, just a convincing request from someone who looks exactly like a trusted contact.<\/p>\n

The independent evaluation tested ETD against all four of these categories simultaneously, using real attack techniques modeled on active threat groups \u2014 from APT29\u2019s ransomware-laden PDF campaigns targeting research institutions, to FIN7\u2019s backdoor malware targeting retail and finance, to North Korea\u2019s AppleJeus group running drive-by download attacks against the cryptocurrency sector. These are not theoretical scenarios. They are the actual techniques used against real organizations today.<\/p>\n

Performance Across Every Threat Category<\/h2>\n

ETD detected 478 of 486 threats \u2014 a 98% detection rate. More importantly, every single threat ETD detected was also stopped or blocked before it could reach the user. Detection without action is not protection. ETD does both.<\/p>\n

Phishing & Social Engineering \u2014 Zero Inbox Compromise<\/strong><\/p>\n

Phishing and social engineering together represent the highest volume of attacks most organizations face. Against 300 phishing attempts \u2014 including QR code-based quishing and evasion techniques using Google Translation links \u2014 ETD achieved 100% protection. Every email was quarantined under admin control or stopped outright. Not one reached an inbox.<\/p>\n

The same outcome held across 100 social engineering samples: FBI impersonation scams, fake payment urgency requests, lottery fraud, fund beneficiary scams. Every one quarantined. None accessible to end users.<\/p>\n

This is where ETD delivers the most immediate, measurable value for security teams. The highest-volume attack categories are completely neutralised \u2014 reducing alert fatigue, eliminating user risk exposure, and removing the need for subject-line warnings that employees learn to ignore.<\/em><\/p>\n

\"\"

\"\"

Malware \u2014 97% Stopped Against Nation-State Techniques<\/strong><\/p>\n

Malware delivery via email is a different challenge: evasive, polymorphic, and increasingly tied to sophisticated threat actors. Against 60 malware samples \u2014 spanning ransomware delivery from APT29 and APT-C-36, C2 backdoors from Gamaredon and Higaisa, and the FIN7 shellcode campaigns \u2014 ETD stopped 58. 22 were stopped silently, 8 were rejected with sender notification, and 28 were quarantined for admin review.<\/p>\n

2 emails did reach the inbox. We are transparent about that. In both cases these were advanced, evasive samples. The 97% protection rate against nation-state-grade malware delivery techniques is a strong result \u2014 and the accuracy rating reflects the 2 misses with appropriate penalty points.<\/p>\n

For organizations in energy, financial services, government, and retail \u2014 the primary targets of the threat groups tested here \u2014 a 97% block rate against techniques specifically designed to evade detection represents a significant reduction in breach risk.<\/em><\/p>\n

\"\"

Business Email Compromise \u2014 The Hardest Problem in Email Security<\/strong><\/p>\n

BEC deserves a frank conversation. It is the hardest attack category in email security \u2014 for any vendor, any product, any architecture. These attacks carry no malware. No phishing link. No attachment. A BEC email is, technically, a clean message. The threat is entirely in the intent: impersonating a CEO to authorise a wire transfer, or a supplier to redirect a payment.<\/p>\n

Against 26 BEC samples \u2014 constructed using look-alike domains and simulated supplier relationships to mimic real-world attacks \u2014 ETD caught 20. That is a 77% detection rate: 3 stopped, 13 quarantined, 1 rejected, 2 neutralised through content editing, and 1 correctly routed to junk. 6 reached the inbox.<\/p>\n

77% is an honest number, and it is meaningfully ahead of what unprotected Microsoft 365 or Google Workspace will catch on their own. But no email security product eliminates BEC entirely. We recommend pairing ETD\u2019s detection capabilities with executive verification workflows for high-value financial requests \u2014 a layered approach that addresses the gap that technology alone cannot close.<\/em><\/p>\n

\"\"

Security That Doesn\u2019t Get in the Way<\/h2>\n

A protection score only tells part of the story. A system aggressive enough to block everything would score perfectly on threats \u2014 and destroy productivity in the process. The balance between security and usability is where many products fall short.<\/p>\n

Of 110 legitimate messages sent through ETD during the evaluation, 99 arrived directly in the inbox without any modification. 11 were routed to junk \u2014 accessible to users, not lost. Zero legitimate emails were blocked outright.<\/p>\n

0 legitimate emails blocked<\/em><\/strong>. <\/strong>Every message remained accessible. The 11 routed to junk were reachable \u2014 a minor inconvenience, not a lost communication.<\/p>\n

This balance \u2014 98% threat detection alongside zero hard false positives \u2014 is what the 94% Total Accuracy Rating reflects. It is not a single metric optimised in isolation. It is the combined score of catching threats decisively and keeping the inbox functional.<\/p>\n

What Independent Validation Means for Your Security Strategy<\/h2>\n

Every email security vendor publishes detection rates. What independent testing provides is something a datasheet cannot: validation under adversarial conditions, with real threat intelligence, by an organization with no stake in the outcome.<\/p>\n

The evaluation used documented attack techniques from threat groups actively targeting governments, financial institutions, and critical infrastructure. ETD\u2019s performance in that context \u2014 not in a lab, not with sanitised samples \u2014 is the most reliable indicator of how it will perform in your environment.<\/p>\n

The AAA rating reflects well-rounded performance across the full threat spectrum: decisive on high-volume threats, strong against sophisticated malware, honest about the limits of technology against BEC, and careful not to over-block legitimate communication. That is the standard we hold ourselves to \u2014 and the standard that independent evaluation confirms we are meeting.<\/p>\n

Read the full report for more insight into ETD\u2019s comprehensive email security capabilities.<\/p>\n

\u00a0<\/p>\n

\u00a0<\/p>\n

All performance data sourced from the SE Labs Advanced Security Test Report \u2014 Email (Protection), Cisco Secure Email Threat Defense, May 2026 (v1.0). Test conducted 1\u20137 April 2026. SE Labs Ltd, ISO\/IEC 27001:2022 Certified.<\/em><\/p>\n<\/p><\/div>\n

\"Retail<\/a><\/p>
<\/p>\n","protected":false},"excerpt":{"rendered":"

Email is still the most reliable way for an attacker to get inside your organization. Not because perimeter defences are weak \u2014 but because email […]<\/p>\n","protected":false},"author":1,"featured_media":17115,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-17114","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/posts\/17114","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/comments?post=17114"}],"version-history":[{"count":0,"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/posts\/17114\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/media\/17115"}],"wp:attachment":[{"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/media?parent=17114"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/categories?post=17114"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dmsretail.com\/RetailNews\/wp-json\/wp\/v2\/tags?post=17114"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}