EveryCloud Technologies    

The Following article provides a Overview of the Features of the Advanced Threat Protection (ATP) Service. Please read it carefully.


EveryCloud ATP integrates seamlessly into the spam and virus filter. Mails that have passed this first examination will undergo further detailed analyses. Amongst others, the service opens the attached files and is closely checking its behavior.

Functions and Features

Standard Features Activated by default

  • Sandbox Engine

Attachments are executed in a variety of system environments and their behaviour analysed. If it turns out to be malware, a notification is sent. Protects against ransom-ware and blended attacks.

  • Freezing

Emails that cannot immediately be clearly classified but look suspicious are retained for a short period by freezing. A further test is later performed with updated signatures. Protects against ransom-ware, blended attacks and phishing attacks.

  • URL Scanning

A document (such as PDF, Microsoft Office) attached to an email may contain links. However, these cannot be replaced, as this would violate the integrity of the document. The Hornet Security URL scanning engine leaves the document in its original form and only checks the target of such links.

Additional Features Activated by EveryCloud Support

  • Targeted fraud forensics

The service is responsible for identifying and preventing spear phishing attacks that target mainly departments or single persons in the company having the authority to release any possible bank transfers.

The mechanism is only intended to cover a few decision-makers within the company. There will be no global check on the domain. Customer support will need a list of email addresses to be checked in to enable the service for you.

Targeted fraud forensics detects targeted personalized attacks without malware or links.
The following detection mechanisms are used for this:

  • Intention recognition system: alerting about content patterns that indicate malicious intent
  • Fraud attempt analysis: checks the authenticity and integrity of metadata and email content
  • Identity spoofing recognition: detection and blocking of forged sender identities
  • Spy-out detection: counter-espionage against attacks seeking to obtain information needing protection
  • Feign facts identification: content analysis of messages based on provision of feigned facts
  • Targeted attack detection: detection of targeted attacks on individuals

Further information: http://support.everycloud.com/solution/articles/4000115634-atp-url-rewriting.

  • URL rewriting

URL Rewriting is responsible for testing URL's in incoming emails for any harmful content. To do so, the mechanism will rewrite any identifiable URLs in incoming emails in such a manner, that any URL opened from the email will be rerouted through our ATP filter, which acts as a web proxy and scans the content of the website before forwarding the user to the webpage.

Further information: http://support.everycloud.com/solution/articles/4000115634-atp-url-rewriting.

Additional Features coming soon

  • Ex post alerts

With ex-post alerts, your IT security team receives an automatic notification if an e-mail that has already been delivered is subsequently classified as harmful. You receive a detailed analysis of the attack so that you can take action immediately, such as checking systems or alerting your own employees. This permits rapid containment of a dangerous situation..

  • Live Threat Monitoring

This provides ATP customers with statistics that show all threats in a desired period of time according to different categories. In addition, the Live Attack Map shows all attacks in this moment with source, target and type of attack.