Question? regarding cybersecurity solution tool evaluation

[Tatalouie]

Hi Mga master, Ask ko lang sana on how you evaluate your cybersecurity solution for antiphising? email protection? Like for anti ransomware solution usually ang ginagawa mag ddownload ng known ransomware then iccheck kung kaya ma detect ng anti ransomware solution. how about naman for email protection how do guys evaluate it? like pano kayo nag ssimulate ng phishing email, email spoofing/whaling/spear phishing or sample email na may malware attached?

 

[emman-zamora]

there's so many option to be honest but for me i will just use ESET and they eventually do the Job for me
I'm just monitoring it via ESET PROTECT

 

[Tatalouie]

there's so many option to be honest but for me i will just use ESET and they eventually do the Job for me
I'm just monitoring it via ESET PROTECT

To clarify ang goal ko Sir is to evaluate a anti-phishing/email protection tool. I am not looking for a tool like ESET PROTECT

 

[emman-zamora]

To clarify ang goal ko Sir is to evaluate a anti-phishing/email protection tool. I am not looking for a tool like ESET PROTECT

ᑕᕼᗩTGᑭT will answer you're question

To evaluate an anti-phishing/email protection tool, you typically assess it across these areas:

1. Detection Effectiveness​

• Can it detect phishing emails?
• Can it detect spear-phishing and business email compromise (BEC)?
• Does it identify malicious URLs?
• Does it detect malicious attachments (PDFs, Office documents, ZIP files)?
• Can it detect impersonation of executives or trusted domains?

2. False Positives​

• Does it incorrectly flag legitimate emails as phishing?
• How often are legitimate business emails quarantined or blocked?

3. Email Authentication​

Check support for:

• SPF (Sender Policy Framework)
• DKIM (DomainKeys Identified Mail)
• DMARC (Domain-based Message Authentication, Reporting & Conformance)

4. Threat Analysis Features​

• URL rewriting and time-of-click protection
• Attachment sandboxing
• Malware scanning
• AI/ML-based phishing detection
• Threat intelligence integration

5. Deployment and Integration​

• Integration with Microsoft 365
• Integration with Google Workspace
• Ease of deployment
• API availability

6. Reporting and Visibility​

• Threat dashboards
• Incident reports
• Email trace capabilities
• Security analytics

7. Response Capabilities​

• Automatic quarantine
• Post-delivery email removal
• Automated remediation
• Alerting and notifications

8. Performance Impact​

• Email delivery delays
• System reliability
• Scalability

Example Evaluation Matrix​

Criteria	Weight	Score
Phishing Detection	30%	9/10
False Positives	20%	8/10
URL Protection	15%	9/10
Attachment Protection	15%	8/10
Reporting	10%	7/10
Ease of Deployment	10%	9/10

Practical Test Cases​

You can create a test plan using:

• Known phishing samples
• Benign emails
• Malicious attachment samples (in a controlled environment)
• Domain spoofing tests
• QR-code phishing emails
• Credential harvesting links