Can you trust your inbox? Can your employees? Attackers have moved beyond sending malicious payloads to impersonating trusted senders in ways that are hard for even security-conscious people to detect—and easy for legacy email security tools to miss. These new attacks can steal funds and account credentials while also eroding trust in your organization.

Download this white paper to learn how Agari Identity Graph™ stops these social-engineering email attacks with:

  • Identity Mapping that examines identity markers and maps them to your company’s organizational identity;
  • Behavioral Analytics that uses multiple models to evaluate the expected email behavior of your employee, partner, and customer identities; and
  • Trust Modeling that clarifies the relationship between sending identities and recipients to secure your organization’s email channel.

Identity Graph Scoring

The final Identity Graph Score of a message is a combination of the features and indicators of the three phases of the Agari Identity Graph. By incorporating likelihood of identity, behavior anomaly metrics, and degree of relationship, the final score determines whether the recipient should view the message as Trusted or Untrusted with high fidelity and efficacy.

Modeling the Internet
Using Real-Time Modeling to Help You Trust Your Inbox

The fundamental goal of the Agari Identity Graph is to model the real-time email-sending behavior of all legitimate senders across the Internet. Using Internet-scale sources of email telemetry, patented algorithms, and a real-time scoring pipeline, the system continuously updates multiple individual, organizational, and class-based behavioral models that allow it to uniquely and effectively determine the trustworthiness of current and emerging forms of identity-based attacks.

The Agari Identity Graph leverages a variety of email telemetry sources, including those that provide local context for a specific company, and those that represent traffic for global high volume senders and consumer mailbox providers. The scope and volume of this message traffic, up to two trillion messages per year, provides unique visibility into the legitimate identities and infrastructure that make up a significant proportion of global email volume. This telemetry continuously trains and updates the models used to represent both identity-specific and class-based behavior.

The system leverages a variety of ML algorithms that span the three phases of the Agari Identity Graph. The output of the foundational models act as feature value inputs for the subsequent layers, creating a hierarchical scoring structure that allows for continuous refinement of each model in the face of ongoing research, new telemetry sources, and unique features.

Agari has leveraged the elasticity enabled by its cloud-native architecture to build a real-time scoring pipeline that operates at the scale required for the continued growth of its telemetry network and customer base. This pipeline uses a combination of online and offline ML to drive over 300 million daily model updates, allowing the system to maintain a real-time understanding of email behavioral patterns.

The Agari Identity Graph is the core of the next-generation Secure Email Cloud. It takes a new approach to detecting the modern, sophisticated, identity-based attack. Leveraging global telemetry sources, unique algorithms, and a real-time scoring pipeline, the system continuously models email sending and receiving behaviors across the Internet to detect the new attacks of today and the even more sophisticated ones we expect to see in the future.


About Agari

Agari is transforming the legacy Secure Email Gateway with its next-generation Secure Email Cloud powered by predictive AI. Leveraging data science and real-time intelligence from trillions of emails, the Agari Identity Graph detects, defends, and deters costly advanced email attacks including business email compromise, spear phishing, and account takeover. Winner of the 2018 Best Email Security Solution by SC Magazine, Agari restores trust to the inbox for government agencies, businesses, and consumers worldwide.

Discover How Agari Can Improve Your Current Email Security Infrastructure

As your last line of defense against advanced email attacks, Agari stops attacks that bypass other technologies—protecting employees and customers, while also enabling incident response teams to quickly analyze and respond to targeted attacks. Get a free trial today to discover how much money you can save by adding Agari to your email security environment.

Calculate the ROI of Implementing Agari

Discover how much money you can save by adding Agari to your email security environment with our custom ROI analyzer.

Close button
Mail Letter

Would you like the confidence to trust your inbox?