Advanced multilayer anti-phishing software. Built for the cloud and calibrated to your organization to block threats.

Benefits of Avanan Anti-Phishing Software:

  • Easy Deployment: Approve the app from your admin account and, in minutes, Avanan finds phishing attacks.
  • Complete Visibility: Monitor your entire suite to identify malicious behavior and compromised accounts.
  • Higher Catch Rate: Avanan breaks news of innovative attacks designed to evade the security of industry leaders.
  • Extends Beyond Email: Protect your cloud applications so that you can collaborate with confidence.
  • More Security-Savvy Users: Report threats, learn about potential attacks from automated alerts, and more!
  • Customer Support: Enjoy one-on-one customer support to guarantee a seamless security experience.

Anti-Malware and Ransomware

More than 75% of ransomware starts via email. By preventing malicious threats from reaching the inbox, Avanan protects your email from devastating ransomware.

Stop phishing. Stop ransomware.

  • With a multi-layer strategy to detect zero-day threats, as well as a self-teaching AI-powered algorithm that dynamically detects malicious behavior and quarantines dangerous files, enterprises use Avanan to protect themselves in real time.

Lockdown every application

  • Malware and ransomware can enter your environment through any cloud application. Whether you collaborate with Slack or Microsoft Teams or share files with OneDrive or Box, there are countless ways malware and ransomware can permeate your cloud.

Advanced reporting

  • Avanan’s detailed real-time reporting allows IT to analyze every aspect of a threat. This allows IT to view threat emulation videos that demonstrate what would happen if the malware had breached the network.

Account Takeover Prevention

Avanan’s event analysis algorithm identifies behavior that can be a sign of account takeover events.

We monitor over 100 event indicators such as:

  • New Logins: Logins from new devices, locations, or browsers.
  • Suspicious Configurations: Suspicious mailbox configurations.
  • Insecure Configurations: Insecure or malicious mail configurations.
  • Authentication: Disabling of multi-factor authentication.
  • Internal Emails: Suspicious internal emails with multiple recipients.
  • Password Resets: Multiple password resets in a short period of time.
  • Contact Groupings: Changes in contact groupings.
  • Session characteristics: Changes in session characteristics.

Data Loss Prevention and Compliance

Avanan’s SmartDLP offers a structured approach to data loss across your enterprise, from email to collaboration.

Identify confidential files

  • Avanan leverages the industry's most advanced tools to identify and mark files containing confidential, financial, and personally identifiable information, including credit card numbers, social security numbers, and bank routing numbers. When necessary, Avanan adds a -classified suffix to the end of confidential messages or files.

Prevent the accidental share

  • Avanan uses cloud-native controls to enforce granular share policies for individual files or folders based on their contents and context. Files can be deleted, quarantined, or encrypted before they become security incidents.

Easily customizable

  • Choose which types of activity to monitor, such as PII or PHI. Select which action to take, whether it's blocking the email entirely or encrypting it for an authorized user. See all matches and activities on the Avanan dashboard.


Avanan now offers email archiving. Building an archiving solution designed in the cloud from the ground up is really what makes our solution feature-rich and more reliable than anything the legacy providers developed on their own. This means that Avanan can store all processed emails–incoming, outgoing and internal–for seven years.

How it works

  • Upon purchase of archiving, Avanan will store all processed emails for seven years. That includes incoming, outgoing and internal. Emails that are sent from and received by a protected user’s mailbox can be archived; additionally, imported emails can be archived. Searching is within the same portal UI. Archiving can be enabled for current customers by contacting support.

Importing archives

  • No need for multiple solutions. Now, you can employ Avanan for email security and archiving. In a one-time process, customers can important archives from other solutions and it will appear with all other archived emails.

Incident Response-as-a-Service

The Avanan Incident Response as a Service (IRaaS) leverages our team of experts to manage end-user reports of suspicious emails and requests to release quarantined emails. Every time a user reports a suspicious email or asks to have a quarantined email released, the request goes to our highly trained team of experts, instead of to your in-house team.

How it works

  • There are two workflows within Avanan's IRaaS:

1 - User reported suspicious emails:

  • Marking as phishing
  • Cross-customer mitigation
  • If a user thinks an email is suspicious, all they have to do is press "Report as Phishing," just as they would today. The only difference is that it opens a ticket in our system for our analysts to review. Our experts review the email and then choose from a variety of actions, such as:
  • Releasing from quarantine
  • Creating whitelists
  • Creating blacklists

2 - Request release from quarantine:

  • If a user is notified that an email was quarantined as malicious or phishing, they can request an investigation to ensure that it wasn't a false positive. In this case, Avanan does the investigation and remediates as necessary.
  • The end-user request is presented within the UI, and there are no changes to user behavior. Avanan will also provide a weekly report, with a summary of requests and a breakdown of actions taken.
  • In the future, Avanan will also release this service to all SaaS apps, as well as introducing a release from all quarantine option, which includes ATP.