Every day, billions of spam and phishing emails are sent to unsuspecting targets. Fortunately, the vast majority of these never reach a target’s inbox. Who do we have to thank for this? The dozens of Secure Email Gateway vendors that constantly monitor the web for new tactics and techniques attackers may leverage to sneak into a target’s inbox.

What is a Secure Email Gateway?

The definition of a Secure Email Gateway (SEG) has evolved over the years, but at a high level these gateways are physical, virtual, or cloud-hosted appliances that monitor emails coming in and going out of an organisation to detect anything unwanted or malicious in nature. Unwanted or malicious emails may contain bulk spam, newsletters, adult material, phishing material or malware, or may be associated with mail servers that deliver such content or frequently spoof sender addresses.

These unwanted and malicious emails are detected using a variety of techniques, but the most common attribute across all SEG vendors is the use of a reputation score. When an email is analysed, the SEG will assess dozens or hundreds of individual metrics to determine what the reputation of a given email should be. These metrics are derived from the email header, the sender’s IP address, the sender’s domain name, the email body and the email attachments. Exactly what is analysed within each of these data points is a bit blurry, and for good reason… If a threat actor knew the inner workings of how a SEG detected phishing material, then they’d know what they need to do to bypass it.

Which Secure Email Gateway is the best?

It’s impossible to know… There’s an entire industry built around analysing SEG vendors and ranking them from best to worst. However, as someone who works in the security industry and has worked for multiple security software vendors, I feel comfortable in saying that these benchmarks are highly prone to bias and external influence. Given we as consumers can never see under the hood, we’re never in a position to verify the data supporting these benchmarks. The best information at our disposal is industry reviews… although good reviews are often bought while bad reviews are reported and deleted. The best data point at our disposal is hard statistics on which SEG vendor is used by the most organisations.

Which Secure Email Gateway is the most popular?

Fortunately, CanIPhish are uniquely positioned to answer this question. Through our free domain scanning tools, we’ve recorded searches on thousands of organisations, and with each search we gain insight into the email infrastructure each organisation uses. Accordingly, we’ve gathered the hard statistics on which tools are the most popular out there. We’ll be breaking these tools into two distinct categories, spam filters and malware filters, because all SEGs operate slightly differently: some combine spam and malware filtering together, while others only do one or the other.

By seeing both categories together, we get an accurate view of which tools are the most popular for their respective category.

Note: The statistics are based on the analysis of 3177 organisations and are broken down by the percentage of organisations detected using a particular tool.

Popularity of Spam Filters by usage:

  1. Exchange Online Protection: 47%
  2. Proofpoint SEG: 15%
  3. Mimecast SEG: 12%
  4. Cisco IronPort: 12%
  5. Google Mail: 11%
  6. Symantec MessageLabs: 3%
  7. Trend Micro HES: 3%
  8. Barracuda Email Security: 2%
  9. Forcepoint Cloud: 1%
  10. FireEye ETP Cloud: 1%

Popularity of Malware Filters by usage:

  1. Exchange Online Protection: 50%
  2. Proofpoint SEG: 16%
  3. Mimecast SEG: 12%
  4. Google Mail: 11%
  5. Sophos AV: 10%
  6. McAfee AV: 2%
  7. Barracuda Email Security: 2%
  8. Symantec MessageLabs: 1%
  9. Forcepoint Cloud: 1%
  10. FireEye MX: 1%

Wrapping up

The statistics shown above represent the popularity of various secure email gateways but don’t necessarily reflect functionality. We recommend that when deciding between SEGs you run a proof-of-concept with multiple vendors and ultimately decide on the tooling that best suits your organisational needs.

It goes without saying, but if SEG vendors did everything perfectly then phishing wouldn’t be a worry… The truth is that SEGs will never detect 100% of phishing emails. There’ll always be those that find their way into your users’ mailboxes, and that’s where your users need to know how to spot the phish. By using the free phishing simulation platform provided by CanIPhish you can train your users on how to detect real-world threats. If you have any questions, please don’t hesitate to contact the team at CanIPhish.

