Email Malware Detection

Helping you to keep your emails safe from cyber threats

About Client

Email Malware Detection

USA

ITES

Challenges

With 90% of cyber threats starting in an email, email has been recognized as the #1 risk vector. The client wanted a product that uses multiple mechanisms to weed out email-based malware on Microsoft Exchange servers, both on-premises and online.

Technical Objective

  • Intercommunication with the SaaS application using web services
  • EWS (Exchange Web Services) API calls
  • Plugin architecture for API calls
  • Deployment on a cloud server
  • Hash management
  • Plugins for the VirusTotal API and the BrightCloud API

Solution

We developed a web application with the following functionalities:
  • SaaS-based multitenant application
  • Integration with the Exchange API for selecting the mailboxes to scan
  • Ability to search based on specific conditions/filters such as start date, end date, scanning emails from specific domains/IPs, etc.
  • Dashboard with the following counts and pie charts:
    • Number of mailboxes scanned and count of total infected mailboxes
    • Number of messages with an infected URL
    • Number of messages with a "PE" (Portable Executable) file attachment (high risk)
    • Top 10 viruses found and a pie chart of viruses found
    • Top 10 infected mailboxes by recipient name
    • Top 10 mailboxes containing executable files
  • Report generation for infected recipients with the malware name
  • Risk posture assessment scoring integrated on a scale of 0-10
  • Plugin module for the VirusTotal API, with a VirusTotal security feed configuration option that the user fills in during registration
  • Users were able to get detailed results after scanning, which included:
    • Virus name according to VirusTotal, plus the AV vendor name
    • Number of total hits from VirusTotal
    • Recipients of the message
    • Message subject
    • Active Directory title for each recipient, etc.
    • Map display using OpenStreetMap.org of the sender's geo-location, based on a sender IP geo-location lookup
  • BrightCloud plugin module integrating multiple APIs, which included:
    • Hash-based file analysis
    • IP reputation analysis
    • Submission of URLs, for which BrightCloud returns reputation details
  • Creating rules for moving mails to a quarantine folder
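To make the scanning pipeline behind the technical objectives and the solution list concrete, here is an added example (not code from the case study or the client's product) of the core loop: parse each message in a mailbox, detect PE attachments by their MZ/PE headers, hash attachments and look the hashes up, check body URLs against a domain reputation list, and aggregate the results into the dashboard counts. Everything external is a stand-in: `MALWARE_HASHES` replaces a VirusTotal hash verdict, `BAD_DOMAINS` replaces a BrightCloud URL reputation lookup, and messages are constructed in memory rather than fetched through EWS; the sample "malware" is a harmless header-only stub.

```python
"""Added example: minimal mailbox scanner producing the case study's dashboard counts.
Stand-ins (constructed, hypothetical): MALWARE_HASHES for a VirusTotal hash lookup,
BAD_DOMAINS for a BrightCloud URL reputation lookup, in-memory messages for EWS."""
import email
import hashlib
import re
from collections import Counter
from email import policy
from email.message import EmailMessage

# Captures the host in group 1 so it can be compared with the reputation list.
URL_RE = re.compile(r"https?://([^\s/<>\"']+)[^\s<>\"']*", re.IGNORECASE)

# Constructed reputation data (hypothetical domain, stand-in for BrightCloud results).
BAD_DOMAINS = {"malicious.example"}


def is_pe_file(data: bytes) -> bool:
    """True if the blob has an MZ header and a 'PE\\0\\0' signature at e_lfanew."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_message(subject, sender, recipient, body, attachments=()):
    """Construct a sample RFC 5322 message (stand-in for an EWS fetch)."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg["From"] = sender
    msg["To"] = recipient
    msg.set_content(body)
    for name, data in attachments:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()


def scan_message(raw, malware_hashes, bad_domains=BAD_DOMAINS):
    """Return findings for one message: PE attachments, known-bad hashes, bad URLs."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    bad_urls = [m.group(0) for m in URL_RE.finditer(text) if m.group(1).lower() in bad_domains]
    pe_names, detections = [], []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if is_pe_file(data):
            pe_names.append(part.get_filename())
        verdict = malware_hashes.get(sha256(data))  # hash lookup stands in for VirusTotal
        if verdict:
            detections.append(verdict)
    return {"subject": str(msg["Subject"]), "recipients": [str(h) for h in msg.get_all("To", [])],
            "pe_attachments": pe_names, "detections": detections, "bad_urls": bad_urls}


def scan_mailboxes(mailboxes, malware_hashes):
    """Aggregate per-mailbox findings into the dashboard counts from the case study."""
    dash = {"mailboxes_scanned": len(mailboxes), "infected_mailboxes": 0,
            "messages_with_infected_url": 0, "messages_with_pe": 0,
            "viruses": Counter(), "quarantine": []}
    for mailbox, messages in mailboxes.items():
        infected = False
        for raw in messages:
            f = scan_message(raw, malware_hashes)
            if f["bad_urls"]:
                dash["messages_with_infected_url"] += 1
            if f["pe_attachments"]:
                dash["messages_with_pe"] += 1
            dash["viruses"].update(f["detections"])
            if f["bad_urls"] or f["pe_attachments"] or f["detections"]:
                infected = True
                # Quarantine rule: any flagged message is recorded for a move to the quarantine folder.
                dash["quarantine"].append((mailbox, f["subject"]))
        dash["infected_mailboxes"] += int(infected)
    return dash


# Constructed sample payloads (hypothetical; a header-only PE stub, not real malware).
PE_STUB = b"MZ" + b"\0" * 58 + (64).to_bytes(4, "little") + b"PE\0\0" + b"\0" * 16
MALWARE_HASHES = {sha256(PE_STUB): "Test.PE.Stub"}  # stand-in for a VirusTotal verdict

SAMPLE_MAILBOXES = {
    "alice@example.com": [
        build_message("Invoice", "bob@example.net", "alice@example.com",
                      "Please see attached.", [("invoice.exe", PE_STUB)]),
        build_message("Lunch", "carol@example.net", "alice@example.com", "Noon?"),
    ],
    "dave@example.com": [
        build_message("Reset your password", "it@malicious.example", "dave@example.com",
                      "Click http://malicious.example/reset now."),
    ],
    "erin@example.com": [
        build_message("Notes", "frank@example.net", "erin@example.com",
                      "Slides: https://docs.example.org/slides"),
    ],
}

if __name__ == "__main__":
    for key, value in scan_mailboxes(SAMPLE_MAILBOXES, MALWARE_HASHES).items():
        print(f"{key}: {value}")
```

Run against the constructed mailboxes, the scan reports 3 mailboxes scanned, 2 infected, 1 message with an infected URL, 1 with a PE attachment, one hash detection, and two quarantine candidates. Swapping the dictionary lookups for real VirusTotal and BrightCloud calls, and the in-memory messages for EWS `FindItem`/`GetItem` results, is the integration work the case study describes; the PE check is header-based only, so an attachment renamed to hide its extension is still caught, while a packed or encrypted archive is not.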

Benefits

The client was easily able to detect threats in email via the solution we provided.

Technology Stack