Exploitable defects in popular operating systems and/or software applications are the means by which computer hackers penetrate network perimeters within enterprises and other computer network domains. Quite often, such malicious exploits make use of electronic mail (email) attachments as the means by which the attack on the targeted network occurs. Targeted networks can expect to be exposed to various levels of attachment-bound exploit attempts on an ongoing basis. As such, it is imperative, in the event that such an attack is not caught at the onset, to understand which computing devices have been exposed to the attachment (i.e., which recipients opened the attachment). Since most email applications do not provide a “read” flag for attachments, it is not currently possible to determine whether or not an attachment has been opened/read by the email recipient.
Therefore, a need exists to develop systems, apparatus, methods, computer program products and the like that provide for security monitoring of email attachments. In this regard, the desired systems and the like should provide for conducting security analysis upon receipt by the network domain and prior to dispatching the associated email to the intended email recipient's mailbox. Moreover, since virus definitions can change/evolve rapidly, desires systems and the like should provide for additionally conducting security at the time the email recipient accesses the attachment. In addition, desired systems and the like should provide a means for logging information associated with the email recipient accessing/reading the attachment, such as which user/recipient accessed the attachment, on which computing device was the email attachment retrieved/opened, the date and time at which the email attachment was retrieved/opened and the like. Such information would be highly instrumental in investigating the significance and timing of network attacks and the like.