AI-Based Email Security: Eyal Benishti, IRONSCALES – Delve E05

Blog | Posted: 21-12-2022
Row curve

From Child Coder to Pioneer of AI-based Email Security



Hello listeners, welcome back to this month’s episode of Delve the podcast!

Today we are delving into artificial intelligence, it’s been a few years now that we’ve been talking about this phenomenon. Is it time to hand over the keys, the steering wheel, the engine and the decisions to the machines?

Email is something that we use every day, and for those that work in the IT industry, email security is second-nature. For those who don’t, we have to take it back to basics. Helping me get into this topic is Eyal Benishti, the pioneer of AI-driven email security and founder & CEO of Series C-funded, and most badass logoed email security company – Ironscales.

“Email is not secure by design, it’s a text-based protocol.”

[Learn more about ai-based email security, Ironscales, here]

About Eyal Benishti

Born and raised in Israel, Eyal was always into technology and coding from a very young age, in fact, at the age of seven! So for all of you out there thinking about whether you should get your children into coding, here is the embodiment of what that means. Eyal’s dad bought him a book in basic coding, and he spent most of his free time at a computer shop around the corner from where he lived to code. He went on to build computers; including an Amstrad starting on black and white screens, building up through his various Pentium machines, floppy disks, CD ROMs and hard drives.

Eyal served in the army for almost four years, which is a requirement in Israel, before he bounced into a BSc in Computer Science, and then took his first job as a Java developer. He had various jobs in the tech industry prior to ending up at Radware. It was during his time at Radware that Eyal conceived Ironscales as a concept and the rest is history!


Discussion Points

  • Introduction [00:00 – 02:36]
  • Tell us more about email security [02:37 – 03:47]
  •  When did we start to see malware as we know it today? [03:48 – 05:13]
  • Let’s pause there for a second and talk about anti-virus. [05:14 – 07:14]
  • What is sandboxing? [07:15 – 10:21]
  • What incident led Eyal to the conception of Ironscales? [10:22 – 11:03]
  • DDoS attacks and bots [11:04 – 12:54]
  • Eyal’s “AHA!” moment [12:55 – 14:02]
  • Business Email Compromise [14:03 – 15:09]
  • What made Eyal step out of Radware and start an email security business? [15:10 – 17:45]
  • How many new phishing emails are we seeing daily? [17:46 – 19:20]
  • Are users the problem when it comes to phishing emails and attacks? [19:21 – 21:07]
  • What other technology has Ironscales created to help with email security? [21:08 – 26:05]
  • Artificial intelligence and automation. Can we hand the keys over to the machines? [26:06 – 29:24]
  • Intent and contextual-based email attacks [29:25 – 31:00]
  • How Ironscales builds a community and uses it to disrupt email security. [31:01 – 36:30
  • The change in the phishing threat landscape. [36:30 – 38:10]
  • How do we secure the consumer world? [38:11 – 41:50]
  • Which technology topic will Eyal be delving into in the future? [41:51 – 43:40]


Technical Jargon

  • Business Email Compromise (BEC): is a cybercrime where an attacker uses email to impersonate an executive or authority figure to trick an employee into transferring money or sensitive information. It often involves phishing and can cause significant financial loss.
  • Secure Email Gateway (SEG): is a security solution that filters and inspects all incoming and outgoing email traffic to protect against threats such as spam, phishing and malware.
  • Malware: is any software designed to harm a computer system or steal personal information without the owner’s knowledge or consent. Examples include viruses, worms, Trojans, ransomware, and spyware. They can be spread through email, malicious websites or infected software downloads.
  • Ransomware: is a type of malware that encrypts a user’s files and demands a ransom payment in exchange for the decryption key. It is typically delivered via email or infected websites, and can cause disruption and data loss if not paid.
  • Phishing: is a type of online fraud where attackers try to trick individuals into giving sensitive information by using fake websites or emails that look legitimate. They often use social engineering tactics to get the victim to click on a link or provide information, which can lead to steal login credentials or personal information or downloading malware.
  • DDoS (Distributed Denial of Service) attack: is a cyber attack where multiple infected systems are used to target a single system, overwhelming it with traffic and making it unavailable to users. This can be done by flooding the target’s network or depleting its resources.


Sources Mentioned

About Delve
Delve is a technology podcast, where your host, Lance Williams, is joined by guests to tackle technology topics that need exploring, unpacking and in some cases, de-mystifying in our brave and boundary-less IT world. Available on all podcast platforms, please subscribe and tune in each month as Lance interviews special guests from the cybersecurity world and beyond.

Listen Here