Collaboration is key to effective defense
Alexander Garcia- Tobar, VP of Corporate & Business Development
From inception, Agari has always taken an ecosystem approach to our email security solutions. From our ISP partners such as Google, Microsoft, Y!, to our Email Solution Provider partners including Epsilon, Silverpop, Yesmail, and our security partners ranging from Cisco to Markmonitor, our fundamental belief is by collaborating and sharing insights we become more effective against cyber criminals who collaborate all day long. With this in mind, we’ve created The Agari Trust Network, a network of partners who share our beliefs and have agreed to work with Agari in combating email, domain, and brand abuse.
The core concept behind the Agari Trust Network is to form a network of companies that are dedicated to thwarting email-based attacks. By working with Agari, this growing network of companies and agencies are implementing email best practices and open standards, to provide visibility and protection against email-based attacks. Here’s a quick summary of why industry leaders have joined forces with Agari:
Consumer Email Service Providers (B2C ISPs)
Gmail, Microsoft’s Hotmail, Y! Mail, AOL and others have partnered with Agari to ensure proper email authentication. Email authentication is critical since without it, there is no way to validate the sender of the email in question, allowing criminals to impersonate trusted brands and trick consumers into opening email. Together, we are promoting & enforcing the proper use of email authentication protocols such as SPF, DKIM, and DMARC to validate the sender of an email. Should email fail authentication, these ISPs will carry out instructions set out by the domain owner. In the case of Agari’s clients, this includes alerting Agari to email that fails authentication and potentially represents authentication errors or malicious attacks. Agari then provides the owner of the domain visibility and guidance on how to fix any error or stop confirmed email-based attacks. This is a win-win for our ISP partners & our clients: ISPs dramatically reduce email-based attacks on consumers and can quickly identify the “good email” – email that authenticates properly and should therefore be delivered. Our clients get better visibility, deliverability & classification of their email by ISPs, and gain protection against potential attacks.
Email Solution Providers (ESPs)
Yesmail, Inbox Marketer, Sailthru, Silverpop, Epsilon, and other ESPs have partnered with Agari to ensure better visibility and deliverability of their clients’ email. By deploying Agari’s award-winning solutions, the ESPs are able to monitor and more efficiently improve email authentication, something that ISPs have increasingly insisted on. For example, Google’s own site states: “Authentication is highly recommended for every mail sender to ensure that your messages are correctly classified – Google”. By properly listing where and who emails are coming from, leading ESPs can ensure better overall email hygiene and eliminate a major loophole criminals take advantage of. This also creates a win-win scenario: The ESPs get better deliverability & visibility, while their clients’ consumers see fewer phishing attacks, giving them the confidence to open & respond to emails. Marketers, meanwhile, protect email, which is still the principal method of communicating with consumers.
Agari has set up a number of partnerships with a range of leading security companies such as Internet Identity, Cisco, Phishlabs, Cyveillance, and others to expand our collective data footprint and to provide an early-warning system to the Agari Trust Network. For example, malicious URLs alerts can be processed and updated in real time by our client’s security vendor of choice. We have set up these real time threat feeds for a majority of our clients to great acclaim. Since Agari’s method of detection is unique and real-time, we are generally the first to detect potential email-based attacks and can inform our clients’ vendor so they can do further research to determine whether to block or allow employees to connect to a site or to open an email.
These are just our first steps towards an effective ecosystem response against the ever-increasing email-based threats posed by criminals globally. In the coming months, we plan to announce a slew of new members joining the Agari Trust Network and exciting new ecosystem-based approaches to combat email, domain, and brand abuse….stay tuned!