Cisco Startup Agari Stops Spam, Phishers With Cloud Email Security Service
Modernizing Authentication — What It Takes to Transform Secure Access
Cisco spinoff Agari launched its cloud services to help "brand owners" identify messages spoofing their domain names and help organizations block those spam and phishing messages.
With its Email Trust Fabric, the startup plans to give organizations a way to authenticate their email correspondence and apply policy controls over messages being sent and received, Agari said in its official launch announcement on Nov. 30. The company has signed up Google, Yahoo, Microsoft and AOL to use its data to filter out malicious messages. YouSendIt and Facebook are among the 50 customers that are authenticating email through the service.
As part of the trusted fabric, customers could stamp outgoing messages with cryptographic proof of their identity and as well as the recipient's identity. Facebook can set policy controls and automatically block mail that attempts to exploit the domain names the company uses. Customers have to pay a fee for the trusted stamp.
Instead of the email administrator determining what is legitimate and what is not, the sender can proactively take control and say which messages are legitimate, Patrick Peterson, the founder and CEO of Agari, told eWEEK.
The mail hosts and providers, in this case the major Webmail providers, can reject the spoofed messages with malicious attachments or links to phishing sites because they will be missing the trusted stamp, according to Peterson. The four mail providers will be integrating the Agari technology into their email infrastructure to detect and block fake email, such as messages pretending to be sent by Facebook.
The two most widely used mail authentication protocols are the DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF). Agari takes the protocols, which currently sign about half of all Internet mail, a step further.
The customer can search Agari's service for all domains and subdomains associated with the brand, and see which ones are being used by scammers to spoof malicious mail. Agari's graphical dashboard will also give customers a clear view of which server names are being used, and whether SPF and DKIM are properly enabled on those servers.
The customers can also set up a policy to say, "Ignore messages coming from this subdomain" and the mail providers like Google, Microsoft, Yahoo and AOL would automatically see and implement policy through the Agari portal to reject mail from that subdomain.
Peterson, a former Cisco executive who came on board through the IronPort acquisition, envisions an end to phishing. Even after a decade, there's been "little progress" toward making email, the most widely used communications medium, secure from phishing attacks, Peterson said.
A customer, such as Facebook, can log in to the Agari portal and see all the activity going on using is domain name, Daniel Raskin, vice president of marketing for Agari, told eWEEK. The service gives brand owners a way to perform "ongoing assessment and remediation" and to secure their own servers, Raskin said. If a new spam campaign is detected, the customer can quickly create a policy to ignore those messages, and all companies using Agari's metadata to filter out mail would immediately know.
Currently, Agari is focused on the four major mail providers to gain access to "a billion" inboxes. However, Peterson said he envisions expanding the fabric to include specific enterprises and smaller mail hosts to eventually sign up "every mail server." Agari will become an intermediary for email communications, similar to how VeriSign sells Secure Sockets Layer (SSL) certificates to indicate to Internet users which Websites are secure, the company said.