Layeronexactlywhateachtenantneeds.

Every inbound email scored by 13 detection engines in parallel, within seconds of delivery.

Add-on at Backup Pro. Included with Advanced Threat Detection at Pro-Heavy, Fortress, and Enterprise. Includes attachment scanning, ML phishing detection, click-time URL re-validation, brand-impersonation detection, and sender behavioural profiling.

• Real-time scoring before the user interacts with the message.
• Consensus verdicts across 13 engines — no single-model blind spots.
• Automatic incident, audit trail, and policy-driven response on every confirmed threat.

Live Email Security plus the advanced detector stack — NLP, URL detonation, BEC graph, thread-hijack, ATO signal bridge, ARC validation, retro-hunt, and Microsoft-native threat intelligence.

Add-on at Pro-Heavy. Bundled in Fortress and Enterprise. Not available at Backup Pro or Starter.

• Twenty detectors fire per message; consensus requires 2+ independent engines above 0.8 for MALICIOUS.
• Microsoft-native threat intelligence via your tenant's existing Defender + Entra signals.
• User phish reporting, auto-clawback, and 90-day retro-hunt shipped with the add-on.

The premium enforcement layer for Advanced Threat Detection. Real browser isolation, real attachment detonation, explainable verdicts, and Bring Your Own Threat Intelligence.

Add-on at Fortress only. Included in Enterprise. Not available at Backup Pro, Pro-Heavy, or Starter.

• Sandboxed remote-browser isolation — ISOLATE verdict routes ambiguous URLs through an isolated browser.
• Live attachment detonation sandbox with malware-family labelling.
• On-demand retroactive threat hunting + per-message explainable verdict reports.
• Bring Your Own Threat Intelligence — connect your existing premium intel feeds.
• 2-person-approval session recording with POPIA 30-day purge.

AI-powered post-delivery protection with intent classification and in-message warnings.

Add-on at Backup Pro and Pro-Heavy. Bundled in Fortress and Enterprise.

• Intent classifier covers credential theft, wire fraud, invoice fraud, BEC, and related categories.
• Per-user relationship model flags new senders, unusual hours, and topic drift.
• In-message warnings before the user reads the message.

Activity monitoring, anomaly detection, and automated lockout for compromised Microsoft 365 accounts.

Add-on at Backup Pro and Pro-Heavy. Bundled in Fortress and Enterprise.

• Multi-dimensional anomaly scoring — impossible travel, privilege escalation, consent drift, and more.
• Automated lockout through Microsoft Graph, with administrator protection built in.
• Shadow-application discovery plus CIS-aligned posture scoring, refreshed daily.

Continuous breach monitoring, credential risk scoring, and one-click password reset.

Add-on at Backup Pro and Pro-Heavy. Bundled in Fortress and Enterprise.

• Continuous monitoring against leading breach-intelligence sources across every tenant mailbox.
• Multi-factor risk score (A–F) combines breach recency, stealer-log exposure, and lookalike-domain signals.
• One-click password reset and session revocation through Microsoft Graph.