Avanan is a cloud-native email and collaboration security company (now owned by Check Point) that built API-first, AI-driven defenses to stop phishing, malware, account takeover, data leakage and shadow‑IT inside cloud mailboxes and collaboration apps before threats reach users' inboxes[1][7].
High-Level overview
- Mission: Avanan’s stated mission was to protect cloud email and collaboration platforms from sophisticated attacks that evade built-in and legacy defenses by delivering inline, API-based security that integrates directly with SaaS providers[5][4].
- Product and customers: Avanan (rebranded under Check Point as Harmony Email & Collaboration) builds an API-integrated security platform that defends Office 365, Google Workspace, Slack, Teams and cloud file-sharing services from phishing, BEC, malware and data loss; its customers were mid‑to‑large enterprises and managed security providers looking for cloud-native email protection[5][7].
- Problem solved: The product addresses gaps left by native cloud provider controls and traditional secure email gateways by scanning and remediating harmful content inside the cloud environment (pre-inbox and post-delivery forensics) using patented API techniques and machine learning[4][5].
- Growth momentum: Avanan raised venture capital, scaled to thousands of customers and millions of inboxes, earned top rankings on platforms such as Gartner Peer Insights and G2, and was acquired by Check Point in 2021—after which its technology was folded into Check Point’s Harmony Email & Collaboration offering[3][1][7].
Origin story
- Founding and founders: Avanan was founded in 2014 to tackle the rapidly evolving phishing and cloud-threat landscape and was built by security practitioners who patented API-based inline email security to protect cloud mailboxes[1][5].
- How the idea emerged: The company emerged as organizations migrated mail and collaboration to cloud services and encountered sophisticated evasive attacks that bypassed existing defenses; Avanan’s founders leveraged machine learning and API integration to place security inside the cloud rather than solely at the network perimeter[5][3].
- Early traction and pivotal moments: Early traction included rapid adoption for Office 365 and G Suite protection, recognition in analyst reports (451 Research) for its novel API approach, OEM relationships (including with Check Point prior to acquisition), and industry rankings that validated product-market fit before the 2021 acquisition by Check Point[5][3][4].
Core differentiators
- Patented API-first approach: Avanan patented inline email security via APIs that operate inside cloud providers to stop threats before they reach the inbox, enabling capabilities standard gateways can’t offer[5][4].
- Multi-layered detection: Combines multiple machine‑learning models, threat intelligence, and human-in-the-loop feedback to catch evasive phishing, zero-click attacks, and account takeover attempts missed by built-in protection[4][2].
- Rapid, low-friction deployment: Cloud-to-cloud one‑click or API installs allow enterprises to deploy protections quickly without routing mail through external gateways or changing MX records[4][5].
- Broad coverage across collaboration stack: Protects not just email but collaboration apps and file-sharing services (Teams, Slack, Box, Dropbox), addressing modern vectors for BEC and data leakage[3][5].
- Forensic and remediation capabilities: Supports post-delivery scanning and automated remediation/quarantine and provides visibility for incident response inside the SaaS tenant[4][5].
Role in the broader tech landscape
- Trend alignment: Avanan rode the wholesale shift to cloud-first productivity suites and the parallel rise of sophisticated phishing, BEC and collaboration-targeted attacks that demanded security embedded in SaaS platforms rather than only at the perimeter[5][3].
- Timing: Adoption accelerated as enterprises embraced Office 365/Google Workspace and remote work expanded attack surfaces, making API-based inline defenses timely and necessary[3][5].
- Market forces: Growth in cloud collaboration, regulatory focus on data protection, and the limitations of legacy secure email gateways created a strong addressable market for cloud-native email security[5][1].
- Ecosystem influence: By demonstrating an effective cloud-to-cloud security model and becoming an OEM/partner to larger vendors, Avanan influenced how vendors and MSSPs approach email protection and helped normalize embedding security via APIs within SaaS environments[4][3].
Quick take & future outlook
- Near-term: After Avanan’s acquisition, its technology powers Check Point’s Harmony Email & Collaboration product; continued integration with a larger security portfolio and global channel should accelerate reach and enterprise adoption[7][3].
- Mid-to-long-term trends that matter: Continued evolution of phishing (AI-assisted attacks), expansion of collaboration tools, and demand for unified cloud-native security and automated remediation will drive adoption of API-integrated approaches[5][2].
- How influence may evolve: As cloud providers and large security vendors incorporate or partner around in‑tenant protections, Avanan’s original API-first techniques are likely to become a standard component of enterprise email/collaboration security stacks; the key differentiator will be the quality of detection models, threat intelligence integration, and remediation automation[4][5].
Quick take: Avanan pioneered practical, API-driven cloud email and collaboration security that addressed real gaps left by native and gateway controls, scaled quickly enough to earn market validation, and has been incorporated into Check Point’s product line—its approach helped move the industry toward embedding security inside SaaS rather than only at the perimeter[5][3][7].
