Avatu Ltd

LastLine Email Defender Cloud

A next generation SaaS sandboxing technology that examines and reports upon the behaviour of files entering an organisation's IT estate through email traffic. Through behaviour analysis, the service is able to detect, report on and block malicious content as well as identify potential phishing attempts and shadow IT.

Features

  • Advanced email malware inspection
  • Phishing email detection
  • Malware behaviour analysis
  • Detailed malware analysis report
  • Actionable Intelligence
  • Zero day attack visability
  • Shadow IT detection
  • Deep content inspection down to the physical layer
  • Automatically block malicious files
  • SIEM integration

Benefits

  • Fully SaaS based email malware protection
  • Protect users from malicious attachments and downloads
  • Identify and block phishing attacks
  • Enable malware reverse engineering
  • Identify shadow IT
  • Understand and respond to organisational risk
  • Integrates with O365
  • Real-time threat intelligence

Pricing

£45 per user per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

256483191816262

Avatu Ltd

Matt Jones

01296621121

info@avatu.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints N/A
System requirements
  • Internet connection
  • Compatible browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response time will be determined by, the choice of product deployed, the contracted service level agreement and the severity of the issue/question.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Response time will be determined by, the choice of product deployed, the contracted service level agreement and the severity of the issue/question.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Usually via Proof Of Concept in the first instance, we will assist users in initial POC/integration design, implementation choices deployment and training. We can also provide example API scripts to drive rapid integration engineering if required.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Data can be extracted via SIEM, syslog, streaming API or HTTP streaming
End-of-contract process The service will cease with access to the online portal terminating and all customer data deleted.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices No
API No
Customisation available Yes
Description of customisation System administrators are able to set policy that defines how the system responds to different types of identified threats, for example, automatically block, alert or allow.

Scaling

Scaling
Independence of resources Lastline uses an elastic growth approach for compute power, allowing us to grow and shrink based on customer demands, without affecting customer experience

Analytics

Analytics
Service usage metrics Yes
Metrics types Yes, metrics are available for all components of the solution, including network usage, and object processing
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra support
Organisation whose services are being resold Lastline

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported directly from the solution’s UI, or by leveraging the API, the solution is able send/stream data to third party products (e.g. SIEM)
Data export formats
  • CSV
  • Other
Data import formats Other

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Service Level Agreements will be provided on a case by case basis during contract negotiation. The SLA will define any guarantees around availability specific to the customer.
Approach to resilience There are many levels of resiliency starting with the hardware delivering the service (Manager and Engines) which are load balanced or have a fail over capability. Physically, a fail over capability is in place between the European data centre and U.S. data centre for instances of building loss.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Role based access control is used, each identity is assigned a role.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information No audit information available
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Available on request where an NDA is in place

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach As a cyber security vendor, Lastline’s internal policies & processes are robust to ensure effectiveness of the integrity of its service to customers. As such these are confidential and only made available under the strictest of Non-Disclosure Agreements
Information security policies and processes As a cyber security vendor, Lastline’s internal policies & processes are robust to ensure effectiveness of the integrity of its service to customers. As such these are confidential and only made available under the strictest of Non-Disclosure Agreements

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Lastline has clearly defined policies in place, the details of which are available to customers who have an NDA on file with Lastline
Vulnerability management type Undisclosed
Vulnerability management approach Lastline has clearly defined policies in place, the details of which are available to customers who have an NDA on file with Lastline
Protective monitoring type Undisclosed
Protective monitoring approach Lastline has clearly defined policies in place, the details of which are available to customers who have an NDA on file with Lastline
Incident management type Undisclosed
Incident management approach Lastline has clearly defined policies in place, the details of which are available to customers who have an NDA on file with Lastline

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £45 per user per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Fully functional, time limited trial

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Terms and conditions
Service documents
Return to top ↑