Agari Introduces First Purpose-Built Phishing Incident Response Solution | Agari

Agari Introduces First Purpose-Built Phishing Incident Response Solution

Agari Phishing Response™ Enables Post-Delivery Remediation in Microsoft O365 Environments; Time-Consuming and Error-Prone Manual Phishing Response Costs Companies $4.3M/year

Posted on December 4, 2018

LONDON – December 4, 2018 Agari, the next-generation Secure Email Cloud that restores trust to the inbox, today announced Agari Phishing Response during Black Hat Europe. Agari Phishing Response is the only purpose-built phishing incident response solution for post-delivery remediation in Microsoft Office 365 environments. Agari Phishing Response eliminates error-prone and time-consuming reporting and response with automated investigation and remediation workflows that reduce phishing incident response time by up to 90 percent—enabling businesses to prevent and contain breaches before damage is done.

In a survey of more than 300 security professionals, Agari determined that the average company responds to 23,053 phishing incident reports per year—yet 50 percent are false positive reports from users. Responding to a phishing incident takes an average of 353 minutes (almost six hours); and even false positives take an average of 238 minutes (four hours). All of these reports and hours add up—at a cost of $253 per phishing incident—or nearly $4.3 million per year.

“Many organizations' security operations teams report that their work around investigating suspected phishing emails is heavily repetitive and requires many meticulous steps, such as checking multiple blacklists and different IT systems within the company,” reports Gartner Research VP and Distinguished Analyst Anton Chuvakin and VP Analyst Augusto Barros in Preparing Your Security Operations for Orchestration and Automation Tools, in February 2018.

However, the cost for not investigating phishing incidents is even higher. According to a 2018 IBM/Ponemon study, the average cost of a data breach in the United States is $7.9M. The 2018 Verizon Data Breach Incident Report indicates that phishing represents 93 percent of all breaches investigated—with email as the main entry point in 96 percent of cases. The Verizon DBIR also notes the disparity in breach response: the average breach exfiltrates data from an organization in hours, but the average time to discover a breach takes months.

Agari Phishing Response is a one-touch phishing incident response solution that seamlessly integrates with Microsoft Office 365 to automatically remove all phishing emails from user inboxes. Agari Phishing Response delivers detailed impact analysis—including URL, attachment and sender forensics—enabling security teams to ignore false positives and slash phishing incident response times. A centralized dashboard records breach containment metrics and measures reductions in phishing incident response times, so security teams can demonstrate a positive ROI. By streamlining phishing incident response times and automatically removing malicious emails from inboxes, Agari Phishing Response contains breaches in minutes instead of months.

Training end users to identify and report phishing emails is challenging; it is a time-consuming and error-prone process for both end users and security operations. Many businesses accumulate tens of thousands of user reported phishing incidents per year, which have a 50 percent false positive rate. These reports take an average of 5.9 hours per phishing incident to analyze and require complicated manual processes involving multiple tools to remediate.

Security orchestration, automation and response (SOAR) tools that claim to address this challenge but are expensive and complicated to implement, requiring custom coding to integrate before they add value. When a SOAR system was implemented, 50% of respondents reported incident response times over 1 hour per incident compared to 59% for non-SOAR adopters, a minimal reduction.

“Security operations shouldn’t have to spend all their time on chasing false positive user reports, while other security breaches go undetected,” said AJ Shipley, Vice President of Product Management, Agari. “Agari Phishing Response is changing the variables in the phishing incident response equation to take less time and with less error…and the solution is to provide demonstrable savings to the business.”

Agari Phishing Response is a part of the Agari Secure Email Cloud, a next-generation email security solution that detects, defends against and deters phishing and identity deception attacks.

Agari Phishing Response will be generally available to all customers within 30 days.

To learn more about Agari Phishing Response:

About Agari

Agari is transforming the legacy Secure Email Gateway with its next-generation Secure Email Cloud™ powered by predictive AI. Leveraging data science and real-time intelligence from trillions of emails, the Agari Identity Graph™ detects, defends, and deters costly advanced email attacks including business email compromise, spear phishing and account takeover. Winner of the 2018 Best Email Security Solution by SC Magazine, Agari restores trust to the inbox for government agencies, businesses, and consumers worldwide. Learn more at

# # #

Media Contact:
Clinton Karr
[email protected]
(415) 993-1010

Recent News
January 12, 2023

In this IT Security Wire article, cybersecurity experts 

September 29, 2022

It’s difficult to control your Social Security number in the wild.

September 14, 2022
In Cyber Protection Magazine’s Crucial Tech podcast, John Wilson, Senior Fellow, Threat Research, delves into the latest research from Agari and PhishLabs by Fortra.
September 12, 2022

In his guest essay for The Last Watchdog, Eric George, Director of Solutions Engineering at PhishLabs by, expl

September 2, 2022

MINNEAPOLIS (September 1, 2022)—Fortra announced today the acquisition of Outflank, a well-regarded IT security leader with de