Challenges
- ATO and BEC campaigns leveraging compromised internal accounts of clients.
- Attacks bypassing traditional filters and legacy technologies.
- Prospect beliefs around SEG efficacy and legacy expectations (block/allow lists).
Results
- Real incidents contained within minutes via trained user reports and IRONSCALES response.
- Manual classification workload reduced to almost zero.
- High customer satisfaction and retention throughout product adoption lifecycle.
Solution
- Inbox-level protection and automated email-based threat remediation.
- SAT and phishing simulation testing to reinforce end user resilience.
- API-based deployment with clear permission controls and revocation.
Company Intro
CyberScope is a Madrid-based Managed Security Provider (MSP) serving customers across EMEA with additional clients in the U.S. and South America. The team began working with IRONSCALES in 2019, first adopting Security Awareness Training (SAT) and later expanding to the full protection suite, including Account Takeover (ATO) and Business Email Compromise (BEC) defenses. Familiarity and trust in the IRONSCALES approach helped jumpstart the partnership.
The Problem
CyberScope observed a rise in credential-theft intrusions that led to internal account takeovers in Microsoft 365. Once a mailbox was compromised, attackers leveraged the legitimate account to send follow-on lures to colleagues, exploiting existing trust relationships. These internally sourced messages could bypass upstream filters and customer gateways, allowing an attack to propagate quickly before remediation.
Operationally, many prospects arrived with a Secure Email Gateway mindset—expecting static block/allow lists and deterministic rules —while some raised onboarding questions about requested permissions. These expectations added friction to rollouts even as the primary need was rapid detection and removal of ATO/BEC campaigns originating from legitimate accounts.
Solution
CyberScope deploys IRONSCALES via native API integration to Microsoft 365 and Google Workspace, avoiding MX changes and mail-flow disruption. Operating at the mailbox level, the platform’s self-learning detection analyzes sender reputation, message content, and behavioral signals, then applies automated remediation that clusters and removes related messages across user inboxes. The report-phishing button and AI-powered guidance are enabled through the same API, requiring no endpoint installations.
IRONSCALES is explicitly defined as the front-line, automated defense—its job is to stop the threat and contain the incident at the email level. Endpoint tools are clearly designated as the final, last-resort countermeasure, ensuring that the client understands they have multiple, distinct safety nets.
Outcomes
CyberScope noted the following among its most impacted areas:
- Faster incident containment: Trained users report suspicious messages and IRONSCALES automatically clusters and removes related variants across inboxes within minutes, limiting spread from compromised accounts.
- Operational efficiency: Automated detection and remediation cut manual classification to near zero for CyberScope’s team, reducing daily triage work.
- Customer retention and confidence: Consistent results versus cheaper or built-in alternatives reinforced renewals and platform expansion.
- Responsive support: Fast, effective assistance from IRONSCALES resolved issues in a few emails, sustaining service quality for customers and CyberScope’s internal team.
Additional ROI
About IRONSCALES
IRONSCALES is an API-based email security platform that combines Adaptive AI, agentic automation, and crowdsourced human intelligence to detect and remediate phishing, business email compromise, account takeover, deepfake, and GenAI-powered attacks. The platform deploys in minutes via native API integration for Microsoft 365 and Google Workspace with no MX record changes. Beyond threat detection, IRONSCALES includes integrated phishing simulation testing, security awareness training, DMARC management, deepfake protection for Microsoft Teams, and an agentic AI virtual SOC that automates incident response. The platform is powered by a global threat intelligence network of 35,000+ security professionals across 17,000+ organizations and 3,500+ MSP partners. Learn more at ironscales.com.
Subscribe to Our Newsletter
Stay up to date with our latest news, articles and resources.
Explore More Articles
Say goodbye to Phishing, BEC, and QR code attacks. Our Adaptive AI automatically learns and evolves to keep your employees safe from email attacks.