Identity Graph Scoring
The final Identity Graph Score of a message is a combination of the features and indicators of the three phases of the Agari Identity Graph. By incorporating likelihood of identity, behavior anomaly metrics, and degree of relationship, the final score determines whether the recipient should view the message as Trusted or Untrusted with high fidelity and efficacy.
The fundamental goal of the Agari Identity Graph is to model the real-time email-sending behavior of all legitimate senders across the Internet. Using Internet-scale sources of email telemetry, patented algorithms, and a real-time scoring pipeline, the system continuously updates multiple individual, organizational, and class-based behavioral models that allow it to uniquely and effectively determine the trustworthiness of current and emerging forms of identity-based attacks.
The Agari Identity Graph leverages a variety of email telemetry sources, including those that provide local context for a specific company, and those that represent traffic for global high volume senders and consumer mailbox providers. The scope and volume of this message traffic, up to two trillion messages per year, provides unique visibility into the legitimate identities and infrastructure that make up a significant proportion of global email volume. This telemetry continuously trains and updates the models used to represent both identity-specific and class-based behavior.
The system leverages a variety of ML algorithms that span the three phases of the Agari Identity Graph. The output of the foundational models act as feature value inputs for the subsequent layers, creating a hierarchical scoring structure that allows for continuous refinement of each model in the face of ongoing research, new telemetry sources, and unique features.
Agari has leveraged the elasticity enabled by its cloud-native architecture to build a real-time scoring pipeline that operates at the scale required for the continued growth of its telemetry network and customer base. This pipeline uses a combination of online and offline ML to drive over 300 million daily model updates, allowing the system to maintain a real-time understanding of email behavioral patterns.
The Agari Identity Graph is the core of the next-generation Secure Email Cloud. It takes a new approach to detecting the modern, sophisticated, identity-based attack. Leveraging global telemetry sources, unique algorithms, and a real-time scoring pipeline, the system continuously models email sending and receiving behaviors across the Internet to detect the new attacks of today and the even more sophisticated ones we expect to see in the future.
Agari is transforming the legacy Secure Email Gateway with its next-generation Secure Email Cloud powered by predictive AI. Leveraging data science and real-time intelligence from trillions of emails, the Agari Identity Graph detects, defends, and deters costly advanced email attacks including business email compromise, spear phishing, and account takeover. Winner of the 2018 Best Email Security Solution by SC Magazine, Agari restores trust to the inbox for government agencies, businesses, and consumers worldwide.
As your last line of defense against advanced email attacks, Agari stops attacks that bypass other technologies—protecting employees and customers, while also enabling incident response teams to quickly analyze and respond to targeted attacks. Get a free trial today to discover how much money you can save by adding Agari to your email security environment.