Search Close
84% of Federal Domains that Use DMARC Count on Agari


Imposters Pose a Threat

Fraudsters often pose as government agencies using spear phishing to impersonate a specific person at a government body. Threats have become increasingly sophisticated.

This is just one reason the US Department of Homeland Security has issued BOD-18-01, requiring Federal agencies to implement DMARC as a mechanism to thwart government impersonation.

Many agencies have met the deadline. Others continue to struggle with email systems that are notoriously complicated making it difficult to identify all authorized and un-authorized senders

working on laptop
People Meeting
Agari Secure Email Cloud™

Agari stays one step ahead of fraudsters because it understands the identity and trust relationships behind the email message. Our solutions know what good emails and sender behavior looks like, so we can stop the bad.

Government agencies use Agari to fully-automate DMARC implementation. This accelerates deployment, reduces time to enforcement and helps them stay there.

Agari also protects staff from disruptive advanced email attacks and supports the Security Operations Center with workflow automation for incident response.

Challenges & Solutions

Always-on protection for your agency

Getting to DMARC enforcement and staying there is critical to supporting BOD 18-01. This can be costly and time consuming.

Agari accelerates DMARC implementation by continuously analyzing email senders, providing insight into their email authentication capabilities, and offering management tools that give you the confidence to block delivery of unauthorized email.

Agari also provides protection from display name deception and look alike domains to ferret out attacks that would otherwise bypass secure email gateways (SEGs).

Federal DMARC Getting Started Guide

Government agencies use Agari to implement enterprise-level email security that meets Federal Information Security Management Act (FISMA) requirements and protects agency employees from spear phishing attacks.

Unlike legacy security controls that recognize the “digital signature” of an attack, Agari takes the opposite approach — modeling good email and sender behavior that can’t be faked or spoofed.

By understanding the relationships between sender and recipient, Agari recognizes anomalous signs and behaviors within context, and keeps spear phishing attacks out of employee inboxes.

working on laptop

Fraudsters routinely target healthcare because an individuals’ personal, credit and protected health information (PHI) are accessible in one place.

Account takeover happens when an employee is tricked into a log in attempt on a fake website or business app, or they unknowingly download malware thinking it’s a necessary software update.

Agari recognizes these attacks because they stand out from the good identities and behaviors modeled over time.

Email provides fraudsters with a convenient way to deliver customized malware, remote access trojans and computer viruses. These lack a recognizable “digital signature” so they slip past legacy defenses.

Identity deception is often used to deliver these payloads, but the lack of good email and behavioral history makes these attacks stand out to Agari.

Agari is uniquely able to defend against zero-day attacks that have never been seen before to give you the confidence to open and click anything in your inbox.

Email security training is part of a layered defense, but in addition to legitimate incidents it can also generate false positives – often many of them.

Agari cuts Security Operations Center response time by up to 95% for employee-reported incident triage, forensics, remediation and breach containment.

Breaches that otherwise take months to discover are detected and contained in mere minutes. And automated impersonation, URL and file analysis detects malicious content that easily evades traditional secure email gateways (SEGs).

card two
Small Bg Big Image
Agari Secure Email CloudTM

Detect, defend, and deter advanced email attacks that evade legacy email security controls.

Calculate Your ROI
Secure Email Cloud ROI Analyzer

Calculate the Return on Investment from securing your email channel.

Business Fraud pattern
Business Fraud pattern



Blog Post

One Year Later: Federal Mandate for Email Authentication Huge Success

Responding to BOD 18-01, agencies rally to complete the fastest sector-wide adoption of DMARC One ...


Getting Started with DMARC: A Guide for Federal Agencies

Federal agencies that send and receive email using .gov domains must use DMARC for email security to ...


Q4 2018: Email Fraud and DMARC Adoption Trends

From July through October 2018, attackers overwhelmingly used display name deception to launch business ...

dmarc federal


DMARC in Federal Government

DHS’ Binding Operational Directive (BOD) 18-01 requires Federal Government agencies to adopt DMARC ...

Mail Letter

Would you like the confidence to trust your inbox?