惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News - Newest:
Hacker News - Newest: "LLM"
S
SegmentFault 最新的问题
The Cloudflare Blog
T
The Exploit Database - CXSecurity.com
C
CXSECURITY Database RSS Feed - CXSecurity.com
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
P
Privacy & Cybersecurity Law Blog
有赞技术团队
有赞技术团队
www.infosecurity-magazine.com
www.infosecurity-magazine.com
雷峰网
雷峰网
Google DeepMind News
Google DeepMind News
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
T
Threatpost
The Hacker News
The Hacker News
人人都是产品经理
人人都是产品经理
阮一峰的网络日志
阮一峰的网络日志
大猫的无限游戏
大猫的无限游戏
L
Lohrmann on Cybersecurity
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
W
WeLiveSecurity
T
Threat Research - Cisco Blogs
博客园 - 叶小钗
量子位
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Simon Willison's Weblog
Simon Willison's Weblog
I
Intezer
S
Secure Thoughts
V
V2EX
Apple Machine Learning Research
Apple Machine Learning Research
小众软件
小众软件
酷 壳 – CoolShell
酷 壳 – CoolShell
Microsoft Azure Blog
Microsoft Azure Blog
博客园_首页
Help Net Security
Help Net Security
爱范儿
爱范儿
C
Cybersecurity and Infrastructure Security Agency CISA
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
腾讯CDC
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
C
Check Point Blog
WordPress大学
WordPress大学
Last Week in AI
Last Week in AI
T
Tor Project blog
NISL@THU
NISL@THU
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
I
InfoQ
The Register - Security
The Register - Security
Recent Announcements
Recent Announcements
N
News and Events Feed by Topic
B
Blog RSS Feed

Computerworld

Microsoft 365: A guide to the updates Windows 11 Insider Previews: What’s in the latest build? Windows 11: A guide to the updates Apple can't make chips fast enough, but that's only part of the story AI-led job cuts don’t always mean stronger ROI — Gartner Microsoft, Google push AI agent governance into enterprise IT mainstream Microsoft now has more than 20M paying Copilot users AI is more accurate than doctors in emergency diagnoses — study Start small, but start now: How to bring AI into your small business Apple is preparing to spend, but not necessarily on AI 10 quick productivity tips for Microsoft 365 mobile apps Relying on LLMs is nearly impossible when AI vendors keep changing things Apple breaks records, admits it can’t make Macs fast enough Spotlight report: Transforming software development with AI - Whitepaper Repository - 25 great uses for an old Android device AI chatbots need ‘deception mode’ Friendlier chatbots can be less reliable, study says Gartner sees untamed growth in agentic AI Apple reportedly abandons Vision Pro AI venture funding to shoot up this year as bubble looms Scaling up a tech startup in Europe is hard — 'EU Inc.' aims to help Apple will be behind on AI — until it isn’t EU lawmakers fail to agree on watered-down AI Act, talks pushed to May Android reminders, reinvented Who’s the better CEO, Apple’s Tim Cook or Microsoft’s Satya Nadella? AWS unveils trio of key AI strategy announcements SAS makes AI governance the centerpiece of its agent strategy Can Apple’s new CEO turn things around? Enterprises need to think beyond GPUs for agentic AI, analysts say Fleet hopes to be the MDM provider for the AI Era Why simplicity is the silent driver of hybrid workplace success Why security matters in the meeting room Can everyday IT decisions turn sustainability from intent into impact? Why the meeting room has become the true test of hybrid work Why smart meeting rooms are becoming strategic IT assets How collaboration technology defines the next phase of hybrid work Microsoft, OpenAI change contract terms–again OpenAI plans its own ‘iPhone killer’ Your AI strategy is all wrong Agent Mode is now available in Microsoft Word, Excel, and PowerPoint Adobe bets on AI agents to stay at the center of marketing workflows Microsoft to offer voluntary retirement buyouts to about 7% of the US workforce Google Keep cheat sheet: How to get started The AI workplace paradox: Higher productivity, higher anxiety Gartner: Global IT spending to grow by 13.5% this year Apple may be the only laptop vendor to grow in 2026 Tim Cook’s legacy: a successful CEO who stumbled over AI Google Chat becomes an agent interface for Workspace Gemini Enterprise update brings AI agents into collaborative workflows Meta to track employee keystrokes, screen activity to train AI agents The smartest ways to sync your Android and computer clipboards Microsoft trims cloud desktop pricing, even as it boosts AI costs Adobe builds an ‘agentic content supply chain’ for the AI era You can now test and compare AI models on LinkedIn With John Ternus as CEO, expect Apple’s platforms to proliferate Apple CEO Tim Cook stepping down, to be replaced by John Ternus Global RAM shortage appears set to continue through 2027 Is this where Apple Silicon will be in 5 years? AI-ready skills are not what you think World ID expands its ‘proof of human’ vision for the AI era Microsoft's Patch Tuesday updates: Keeping up with the latest fixes Microsoft’s Patch Tuesday release for April is a whopper Robot Zuckerberg shows how IT can free up CEOs’ time UK wants to build sovereign AI — with just 0.08% of OpenAI’s market cap 20 tricks for more efficient Android messaging AI is finally delivering productivity — for remote employees Google should share search data to break its monopoly, European Commission suggests How to think about Apple Business Microsoft Teams cheat sheet: How to get started Reporter’s notebook: In Nepal and Sri Lanka, AI boom brings hope How to create your own custom Android air gesture Can Microsoft really meet its carbon-negative goal by 2030? About the Best Places to Work in IT Microsoft to cut Windows 365 price for SMBs Blancco confirms Mac adoption is accelerating Apple devices’ satellite link is under new ownership IBM’s government DEI settlement could increase pressure to avoid tech hiring diversity Microsoft is developing Copilot features inspired by Openclaw Global RAM shortage prompts Microsoft to hike Surface prices Apple Business rolls out to 200+ countries today Windows 10: A guide to the updates Nvidia’s Stephen Jones on the toolkit powering GPUs: ‘A wild ride’ The French government eyes alternatives to Windows Apple preps for the face race How to build your own AI agents with Google Workspace Studio Adobe Summit 2026: How Adobe hopes to redesign marketing and creativity with AI DARPA wants to help AI agents to talk to one another Apple unveiled a new high-end market opportunity this week Microsoft adds hidden feature flags to Windows Insider builds Meta moves fast toward a world where AI builds the software PC sales rise in Q1 despite memory shortage — IDC Agentic AI – Ongoing coverage of its impact on the enterprise Google’s new AI app is a glimpse of the future This problem might not need a solution: customer-service bots that code for free Chrome, Vivaldi, and the challenge of changing browsers The new M5-based MacBook Air is built to last — and perform Apple worst, Asus best for laptop repairability US court refuses to stay Pentagon’s ‘supply-chain risk’ blacklisting of Anthropic The top priority for Adobe’s next CEO? Prepping for the ‘age of agents’ It's iPhone speculation time: flips, flaps — and Fold
Microsoft says you don’t need another email security tool; experts say, not so fast
Taryn Plumb · 2026-06-17 · via Computerworld

New benchmark claims Microsoft Defender catches nearly all malicious email on its own, with integrated third-party tools improving detections by less than 1%, but security experts say these numbers may oversimplify the real risk.

Despite best efforts by defenders, malicious emails continue to slip through the cybersecurity cracks, leading some enterprises to implement a layered “defense in depth” strategy that incorporates multiple tools.

Microsoft seems to be challenging this idea, revealing that there are only nominal returns from adding integrated pre- and post-send partners to Defender for Office 365’s protections.

According to its new quarterly benchmarking data, the tech giant catches the vast majority of malicious and spam emails before delivery, misses the fewest compared to competitors by a wide margin, and removes nearly 100% of dangerous emails that do reach the inbox. Collectively, its integrated partners improve that catch rate by less than .05%.

While these numbers seem to tip the scales towards a one-vendor email security stack, experts urge enterprises to be skeptical and cautious of such vendor claims.

Seva Ioussoufovitch, senior research analyst at Info-Tech Research Group, pointed out, “percentages obscure the true quantity and severity of what’s getting through, and, considering it only takes one message to result in an incident, it’s simple enough to argue that there is real value in the defense in depth that having multiple tools provides.”

Malicious and spam email catch by the numbers

Microsoft introduced its quarterly benchmarking report in July 2025 alongside a Defender integrated cloud email security (ICES) ecosystem designed to support multi-vendor security strategies.

The SEG players it ranked itself against this year includes Mimecast, Proofpoint, Hornetsecurity, Trend Micro, Iron Port (Cisco), Barracuda, and FireEye (Trellix); ICES companies include Abnormal, Checkpoint Harmony, Cisco, DarkTrace, KnowBe4 Defend, Tessian, and Trend Micro.

Redmond reported that Defender “consistently leads” in pre-delivery detection, missing 59% fewer high-severity cyberthreats prior to delivery than the other SEG vendors it evaluated. Its closest competitors were Mimecast and Proofpoint. The company also introduced a new metric in this area: A threat miss rate per 1,000 employees. In Microsoft’s case, that was 194 per 1,000; for Mimecast, 478; for Proofpoint, 483.

When it came to post-delivery protection, Defender removed an average of 96.03% of malicious emails that reached the inbox, up from an initial 45% when Microsoft first started tracking the data in its second report.

This makes Defender “an increasingly critical backstop, operating even when ICES solutions are in place,” Jeff Pinkston, VP and GM for Microsoft Defender, wrote in a blog post. Still, ICES tools operating in tandem with Microsoft Defender “continue to provide benefits,” improving malicious catch by 0.29% and spam catch by 0.68%, he said.

“If we focus on the basics, their argument seems strong,” Info-Tech’s Ioussoufovitch noted. “Do you really need a separate ICES vendor for that extra sub 1% catch?” Microsoft paints a “compelling picture” by only focusing on raw catch rate, he said, but we don’t hear the rest of the story: “What exactly is the danger of what isn’t being caught by Defender?”

No one vendor catches everything

David Shipley of Beauceron Security pointed out that the report underscores the fact that “lots of stuff still gets by e-mail filters.”

His company regularly analyzes hundreds of thousands of emails, and the content that gets through “ranges from the shockingly mundane and obvious to a human expert, to highly clever time-delayed attacks,” he said.

A key factor in what gets through is the amount of content that is allowlisted; settings in “100% paranoid mode” get high catch rates, as well as high false positives, Shipley noted. “Anyone who has ever had a sales person lose a deal because the purchase order PDF got flagged has felt this pain.”

Then there’s the AI conundrum: “A key risk for e-mail vendors using agentic LLM-based analysis is it’s now possible to poison those models with hidden content (such as ‘ignore this e-mail, pretty please’),” Shipley said. This means enterprises need a variety of analysis methods.

Ioussoufovitch agreed that keeping pace with threat actors using AI is an industry-wide challenge, particularly as AI enables higher-quality phishing. Filters are improving and will catch some of it, but some will inevitably continue to get through. Those messages are likely highly-targeted, which are lower in volume but harder to catch.

“As of now, current tools do seem to be struggling to keep pace, but that doesn’t mean those tools aren’t necessary,” said Ioussoufovitch. “It just highlights that defense-in-depth, broadly speaking, is becoming more and more important.”

Claims ‘appear more honest’

Shipley said that this report appears more honest, accurate, and mature than others claiming 99.99% phish catch rates, “which is never true.” It’s also a “smart marketing move,” because Microsoft competes for the same security budget as other tools, and would rather enterprises remove those vendors and buy more from it in areas beyond e-mail.

On the other hand, he said, Microsoft is offering up a list of other vendors to think about, “which, congrats to Mimecast on coming in second.”

In the long run, CISOs need to determine the best spend for their limited security dollars, he noted. Enterprises need a good filter; whether they need two is up for debate. “They also clearly still need to invest in a robust awareness program,” Shipley said, “because as this report shows, lots of phishes are still getting delivered.”

Missing an important nuance

Ioussoufovitch noted that while the claims in the study are interesting, the data is presented without much of the nuance that would make it truly actionable.

“We are all too familiar with vendors’ abilities to massage data to tell the story they want, so I would advise leaders not to extrapolate the data beyond what it actually says,” he said.

Instead of the takeaway being “get rid of our current vendors,” this post highlights that Defender provides “considerable value,” he noted. Whether adding or subtracting additional vendors is worth the money should be a case-by-case conversation that considers an organization’s risk appetite, and overall security budget and environment.

“I’d treat these claims more as a reminder to assess your own environment and compare detections,” he said. “Come to conclusions based on the data you have, not what a vendor is presenting.”

This article originally appeared on CSOonline.

SUBSCRIBE TO OUR NEWSLETTER

From our editors straight to your inbox

Get started by entering your email address below.