Comprehensive post-delivery protection against targeted email attacks, powered by machine learning and automated response capabilities.

Free Risk Assessment

90% of breaches begin with a targeted email attack. 

GreatHorn Email Security provides complete protection for organizations using Office 365 and G Suite by detecting and stopping email-based threats — including highly targeted social engineering attacks like spear phishing and whaling that legacy tools miss.

GES is the first and largest machine-learning driven communication security platform, drawing on hundreds of millions of uniquely analyzed messages and threat data points from the GreatHorn Data Cloud. Through a combination of policy-driven detection and automated threat response capabilities, GES protects organizations against malicious email attacks and streamlines compliance and reporting by providing robust analytics capabilities.

"GreatHorn’s cloud-based email analytics suite gives us the insights we need to identify and mitigate threats to our employees and enterprise, and are essential to our overall security approach.”

Nick Vigier

Director of Security, DigitalOcean


Targeted phishing has become the single most effective attack type in the world, and the impact of these attacks is tremendous — over $400M in damages as of the most recent FBI studies. Legacy vendors, historically focused on on-premise technology and point solutions for email, have failed to keep up with the evolution in both in cloud communication technologies and attack techniques.

Architected and built for the cloud, GreatHorn Email Security uniquely provides the ability to identify and shut down these highly targeted attacks before damage occurs, without the overhead or risk of a traditional network routing solution and without the limitations of perimeter blocking.

The GES platform integrates directly with O365 and G Suite cloud mailboxes — no MX changes required, and compatible with Secure Email Gateways — to provide continuous monitoring over all email at the mailbox level.


GreatHorn's machine-learning approach and data architecture provides unmatched threat detection capabilities, aggregating de-identified data across every customer to improve the accuracy of the threat detection platform for each individual user.

The GreatHorn Policy Engine provides:

  • String- and RegEx-based data loss prevention
  • Display name spoof threat detection
  • Domain lookalike threat detection
  • Direct spoof (header manipulation) threat detection
  • Malicious link detection
  • Attachment analysis
  • SPF, DKIM, and DMARC analysis across all received mail
  • Automated fingerprinting and metadata threat protection built on global intelligence
  • Emergent threat detection - authentication metadata changes
  • Automated threat correlation across industries and market segments


GreatHorn enables users to monitor, manage, and create policies, which operate autonomously to protect mailboxes against inbound threats in real time. Policies are combinations of focusing conditions such as attack types, email recipients, senders, content keywords, along with automated actions taken by GreatHorn in response to events flagged by policies.

This customizable action framework provides:

  • Preset, out-of-the-box policies based on common patterns
  • Comprehensive risk remediation actions
  • Folder/Label/Category-based control (post-delivery)
  • In-email warning banners that alert users to potential risks
  • In-email warning banners that alert users to policy violations
  • Out-of-band email notifications alerting users to received threats
  • Algorithmic tuning based on user behavior and response
  • End-user alerting compatible with all mail clients, including mobile

Request a Demo

GreatHorn Logo

© 2018 GreatHorn, Inc. All rights reserved.