Varonis unveils Interceptor AI platform to combat email phishing

Varonis has announced the launch of Varonis Interceptor, an email security platform that aims to identify and stop social engineering attacks using artificial intelligence.

The product was developed using AI technology acquired through Varonis' purchase of SlashNext. Through this integration, Varonis Interceptor seeks to address sophisticated threats that bypass traditional email security solutions, particularly those stemming from compromised vendors or manipulated employee accounts.

In the current digital landscape, attackers increasingly employ large language models (LLMs) to conduct targeted phishing campaigns and to create credential-stealing websites at rapid speeds. Such attacks are often undetected when originating from sources typically deemed trustworthy, challenging conventional detection tools and strategies.

"Bad actors aren't hacking computers, they're hacking trust. Varonis Interceptor stops breaches at the earliest point of attack - the inbox. Customers trust Varonis to defend their sensitive data, and now they can turn to us to defend against the new wave of AI-powered social engineering attacks," said Yaki Faitelson, co-founder and CEO of Varonis. 

SlashNext, the company behind the technical underpinnings of Interceptor, was founded by Atif Mushtaq, known for developing core malware sandbox technology at FireEye. The integration of SlashNext's capabilities into Varonis' offerings was finalised recently and forms the basis for the new product.

Varonis states that Interceptor features a multi-layered AI system combining natural-language processing, computer vision, behavioural analysis, and a phishing sandbox to identify and remove unfamiliar threat types in real time. This approach is designed to protect inboxes from attacks that may not resemble known threats or follow existing malicious patterns.

The company outlines several key features for the Interceptor service. These include multi-channel defence across a variety of platforms such as email and collaboration tools like Microsoft Teams, Slack, and WhatsApp. The system offers automated remediation abilities designed to remove inbound threats, with policies in place to delete malicious messages and counteract harmful links across an organisation at scale.

Interceptor also connects to a live threat intelligence database, supplying organisations with signals from ongoing monitoring and analysis of millions of URLs, brand impersonation attempts, and new or emerging phishing campaigns. Its AI-powered phishing sandbox leverages a virtual browser to safely interact with links and simulate user behaviour after a link is clicked, allowing the system to assess post-click actions for hidden threats.

With these capabilities, Varonis intends Interceptor to link email, identity, and data security into a comprehensive threat detection and response solution. The company positions this integration as a way to provide protection throughout the entire lifecycle of an attack, from the initial phishing email to potential data compromise.

Varonis indicates that Interceptor is now available to organisations. The service is API-based and, according to the company, can be deployed within five minutes. Users can also conduct a retrospective analysis to identify threats that may have bypassed their existing email security solutions.