Gartner defines an email security platform as a product that secures email infrastructure. Its primary purpose is the removal of malicious (phishing, social engineering, viruses) or unsolicited messages (spam, marketing). Other functions include email data protection, domain-based message authentication, reporting and conformance (DMARC), investigation, and remediation through a dedicated console. These solutions may integrate as a secure email gateway (SEG) for predelivery protection or as an integrated cloud email security (ICES) solution for postdelivery protection. Email security platforms protect an organization’s email infrastructure from social engineering, phishing, business email compromise, spam, malware attacks and data theft. These platforms are deployed independently but integrated with other network and endpoint security controls to improve the overall risk posture of the organization. They offer cybersecurity teams visibility into email-related security incidents for investigation and remediation.
Gartner defines security service edge (SSE) as an offering that secures access to the web, cloud services and private applications regardless of the location of the user, the device they are using or where that application is hosted. SSE protects users from malicious and inappropriate content on the web and provides enhanced security and visibility for the SaaS and private applications accessed by end users. Security service edge provides a primarily cloud-delivered solution to control access from end users and devices to applications, as well as websites and the internet. It provides a range of security capabilities, including adaptive access based on identity and context, malware protection, data security and threat prevention, as well as the associated analytics and visibility. It enables more direct connectivity for hybrid users by reducing latency and providing the potential for improved user experience. Capabilities that are integrated across multiple traffic types and destinations allow a more seamless experience for both users and administrators while maintaining a consistent security stance.
Gartner defines user authentication as the journey-time process that provides credence in a claim to an identity established for a person for access to digital assets. User authentication is delivered by some combination of (a) an authenticator, (b) signals evaluation and (c) an authentication decision point, which may be from different vendors. User authentication is used to provide credence in an identity claim for a person already known to an organization. The credence must be sufficient to bring account takeover (ATO) risks within the organization’s risk tolerance. User authentication is foundational to and protects the value of other functions with an organization’s identity fabric, namely: runtime authorization, especially segregation of duties (SOD); audit (individual accountability); and identity analytics.