Having configured Integrations with your mailboxes and mail controls, every delivr.to campaign you send will provide rich detail into the emails that made it to your inbox, the state in which they arrived, and the assessment of them as they travel through each stage of your mail stack.

To highlight the most notable findings, your campaign results include Insights. These cover everything from:

  • Key payload delivery results: For example, the successful delivery of a prevalent malware family we’ve recreated.
  • Indication of mail control performance: Which tools blocked or flagged most emails? Which rules or signatures were most effective?
  • Attack surface reduction opportunities: Which uncommon file types known to be weaponised by threat actors could potentially be blocked?

An exhaustive list of the insights available to users can be seen below. Users with Trial subscriptions are limited to Informational insights only.

If there’s an insight you’d like to see added to the platform, contact us!

Legend

High Severity
Medium Severity
Low Severity
Informational Informational
Improvement Opportunity Negative Outcome
Effective Security Positive Outcome

Insights

  Name Severity Outcome
Attachments: Extensions successfully delivered Informational Effective Security
Attachments: High-risk attachment types permitted Improvement Opportunity
Attachments: QR code payload delivered Improvement Opportunity
Brand Impersonation: Body content delivered Improvement Opportunity
Containers: All password-protected zip attachments blocked Effective Security
Containers: Password-protected zip attachments permitted Improvement Opportunity
Executables: All EXEs blocked Effective Security
Executables: EXEs permitted Improvement Opportunity
Executables: PowerShell scripts permitted Improvement Opportunity
HTML Smuggling: HTML Smuggling payload delivered Improvement Opportunity
HTML Smuggling: Potentially unwanted attachment types permitted Improvement Opportunity
HTML Smuggling: SVG Smuggling payload delivered Improvement Opportunity
Integration: Breakdown of Defender Org-level Policies Informational Effective Security
Integration: Breakdown of Defender User-level Policies Informational Effective Security
Integration: Breakdown of Defender signatures flagged Informational Effective Security
Integration: Breakdown of Sublime rules flagged Informational Effective Security
Integration: Emails blocked by Defender 365 Effective Security
Integration: Emails blocked by Sublime Effective Security
Integration: Emails flagged by Sublime Effective Security
Links: Active content fetch origins Informational Effective Security
Links: All actively fetched Effective Security
Links: All rewritten Effective Security
Links: Inconsistent rewrites Improvement Opportunity
Links: No active content fetching Improvement Opportunity
Links: Not rewritten Improvement Opportunity
Links: SMB link delivered Improvement Opportunity
Links: search-ms link delivered Improvement Opportunity
Office: All password-protected Office attachments blocked Effective Security
Office: Password-protected Office attachments permitted Improvement Opportunity
Office: Potentially unwanted attachment types permitted Improvement Opportunity
Office: Word remote template injection attachment delivered Improvement Opportunity
Threat Intel: Agent Tesla attachment delivered Improvement Opportunity
Threat Intel: AsyncRat attachment delivered Improvement Opportunity
Threat Intel: BumbleBee attachment delivered Improvement Opportunity
Threat Intel: CVE-2024-21413 delivered Improvement Opportunity
Threat Intel: Callback phishing attachment delivered Improvement Opportunity
Threat Intel: DarkGate attachment delivered Improvement Opportunity
Threat Intel: IcedId attachment delivered Improvement Opportunity
Threat Intel: Nobelium attachment delivered Improvement Opportunity
Threat Intel: Pikabot attachment delivered Improvement Opportunity
Threat Intel: QakBot attachment delivered Improvement Opportunity
Threat Intel: SocGholish attachment delivered Improvement Opportunity