Salus Logo
Penetration Testing

Email Security

Salus' two-stage email security assessment verifies the effectiveness of an organisation's email security by evaluating its implementation from both attacker and internal user perspectives, aligned with standards prioritising secure email systems, such as Cyber Essentials.

Email remains the primary vector through which adversaries often gain their initial foothold within a targeted organisation, as confirmed by current security trends and research

Email is currently known to be the most common method of an attacker acquiring initial access into an organisation. It is for this purpose that security standards such as Cyber Essentials deem the security of an organisation’s email solution to be of paramount importance to administrators. To provide assurance in your organisation’s email solution, Salus offers a two-stage email security assessment service which aims to understand the implementation of your email security from the perspective of a would-be attacker, and an internal user.

This first stage consists of an external review, with external mail infrastructure (if any) tested and reviewed, in addition to configuration of email security, such as DKIM, DMARC, and SPF. This provides an insight into the public impression of the email security, and how the service may be abused by an attacker.

The subsequent internal review phase will consist of a configuration and practical review of email security, through a combination of implemented controls within your organisation, such as MessageLabs, Ironports, Microsoft 365 controls and others, tested against known attacker techniques. This assessment provides a realistic impact assessment of what an attacker may do to access the inboxes of your users or introduce malware within your internal network.

Binary Image

Our Approach

Whatever you're protecting, we apply defence grade cyber security skills whilst taking into consideration the realities of day-to-day business operations. We help our customers to address their known - and their unknown - cyber risks.

Here to Help
Tell Us Your Priorities!

Related Services