Business email compromise (BEC) and supply chain attacks share a critical characteristic: they originate from senders an organization already trusts. Traditional email security—whether native controls or secure email gateways—struggles to detect these threats because they often lack malicious signatures or reputation indicators.
SANS recently conducted a hands-on evaluation of Darktrace Email, a solution designed to close these gaps through self-learning AI that builds behavioral baselines for every correspondent.
Join SANS Analyst Matt Bromiley on April 27, 2026, at 10:30 ET, where he will examine what occurs when a trusted vendor’s account is compromised or when a supplier’s email patterns deviate from the norm, and how security teams can prepare for these scenarios.
The session will also highlight how Darktrace Email’s Integrated Cloud Email Security (ICES) approach delivers meaningful, additive protection for organizations already using Microsoft 365 or Google Workspace with existing security controls.
Key Areas of Focus:
- Learning external correspondents and establishing behavioral baselines for third‑party senders.
- Detecting account takeover (ATO) through deviations in tone, topic, and communication patterns.
- Understanding ICES architecture, including parallel deployment that delivers architectural and methodological advantages.
- Executing precise, risk‑reducing response actions that preserve business continuity.
- Enabling low‑touch operations that support fast, mature “quick in, quick out” deployments.
Join us for a look behind the scenes at Darktrace Email and download the accompanying whitepaper for a detailed technical review.
