Enhanced Threat Protection

Neutralize the attack before it starts.

A unique opportunity to leverage classified ECS intelligence and Leidos institutional cyber knowledge to automatically detect and neutralize advanced threats before it’s too late.


Enhanced Threat Protection (ETP)

The Enhanced Threat Protection (ETP) service promotes active mitigation of advanced threats through intelligence-driven detection. The managed service examines DNS and email traffic against real-time threat feeds to automate threat protection and neutralize advanced threats.

ETP detects threats by comparing email and network traffic against “best in class” threat feeds. Suspicious emails are automatically quarantined and malware is blocked for real-time protection. Throughout the process, intelligence on the adversaries’ tactics, techniques and procedures is collected to inform a strong cyber defense.

  • Detect and quarantine emails with suspicious content
  • Detect and block malware Command and Control
  • Report metrics on emails processed and quarantined, domain names processed and blocked

ETP is a service that proactively stops malicious email delivery and malware Command and Control at key stages of the Cyber Kill Chain®.

ETP automates threat blocking based on:

  • historical intelligence
  • gathered intelligence
  • acquired intelligence


  • Automatically neutralize advanced threats
  • Identify malicious emails at the Delivery stage of the Cyber Kill Chain®
  • Deny adversarial Command and Control (C2) by redirecting DNS
  • Apply DHS sensitive and classified cyber threat intelligence using Enhanced Cybersecurity Services



Three service components to leverage intelligence and automate threat protection:

Threat Feed

Enhanced Cyber Services (ECS) deliver a sensitive and classified threat intelligence feed that automatically triggers alerts on activity in your environment. Alerts trigger further analysis and investigation, leading to broader mitigation and remediation.

Email Filtering and Protection

The SMTP mail forwarding system is filtered against the ECS threat feed to proactively quarantine emails containing known suspicious content, such as bad links/URLs, malicious indicators in the subject or body content, or embedded malware. Administrators have complete control of email flow, with the ability to access and manually review, delete, or release quarantined content.

DNS Blocking

Automatic updates to DNS routing block malicious sites based on the ECS threat intelligence feed. Network traffic is redirected to safe servers within the ETP system; malware communications are halted to neutralize the threat, and direct user traffic is protected, inhibiting the spread of known malicious content.

ETP Delivers

Access. Automation. Analysis.



Access to high-value intelligence threat feeds

Proactive Protection

Automated, real-time comparison to intelligence automatically neutralizes email and malware threats

Analyst Alerted

Alerts prompt advanced analysis and further mitigation
