Resources

Blog

Steve Katz, FS-ISAC Chairman: Perspectives on Phishing

Steve Katz - “Phishing and social engineering is still a global threat to every business around today.”Last year, phishing attacks cost organizations $4.5 billion in losses, but as we all know the loss is not only monetary. These attacks exploit the trust we as customers have in the brands we use.Recently Agari sat down with the Financial Services industry's first CISO, previous CSO of Citi Group...
Blog

Exploring Phishing Statistics

At Agari, we are vocal about the steps organizations can take to protect their brands and customers from the impact of phishing attacks. But what exactly are the hard numbers behind our mission? Let’s look at some phishing statistics showing a clear need for change when it comes to mitigating the phishing problem. A rising threat Verizon research has found that phishing is now the second most...
Blog

Protecting Customers From Phishing At FS-ISAC

A long-time sponsor of FS-ISAC, Agari takes pride in being a member of the digital security community, committed to protecting financial services brands and their customers from email-based cyber attacks. During this year's conference, held at the Hotel del Coronado in San Diego, we once again joined our industry brethren, reconnected with familiar faces and forged new relationships with cyber...
Blog

Phishing Awareness: How to Prevent Phishing

[et_pb_section admin_label="section"][et_pb_row admin_label="row"][et_pb_column type="4_4"][et_pb_text admin_label="Text" background_layout="light" text_orientation="left" use_border_color="off" border_color="#ffffff" border_style="solid"] In the final installment in our series of blogs on the Fundamentals of Phishing we will explore how to prevent phishing attacks. To truly prevent email...
Blog

Email Phishing Examples and How to Spot Them

In the second in our series of blogs on the Fundamentals of Phishing we will explore how to identify fraudulent emails. Not that long ago, phishing attempts were quite primitive and often full of errors, and it was easier for consumers to identify when something was amiss. In addition, consumers weren’t accessing their inboxes from multiple devices and mobiles, nor did they expect to receive...
Blog

Exploring the Ashley Madison Dataset

I first heard about the Ashley Madison breach on July 15, 2015 in a post by Brian Krebs. I immediately wondered what the fallout of such a breach would be. Would Ashley Madison's new tagline be "1 million divorces and counting!" Would the perpetrators try to profit from the stolen data, perhaps through blackmail? I never imagined I'd soon have the chance to explore the dataset myself, after Forbes...
Blog

Agari and RiskIQ Join Forces to Share Threat Data to Fight Cyber Criminals

Threat intelligence exchange will benefit Agari and RiskIQ customers through heightened security awareness and the ability to respond to discovered threatsSAN MATEO, Calif. — Sept. 15, 2015 — Agari, the leading provider of data-driven security solutions that detect and prevent advanced email cyberthreats, and RiskIQ, the Enterprise Digital Footprint Security company, today announced a strategic...
Blog

Airflow DAG @ Agari

Workflow Schedulers Workflow schedulers are systems that are responsibile for the periodic execution of workflows in a reliable and scalable manner. Workflow schedulers are pervasive - for instance, any company that has a data warehouse, a specialized database typically used for reporting, uses a workflow scheduler to coordinate nightly data loads into the data warehouse. Of more interest to...
Blog

What is 'Zero-Trust'?

With the X-Files soon making a return to the small screen (!!!), I have been thinking a lot lately about the concept of trust. Specifically as it relates to security, and especially the concept of "Zero-Trust". Many security front-runners have begun enacting a new security architecture called Zero-Trust Networking and it really took off when Google decided to implement it. The underlying...
Blog

Automated Model Building with EMR, Spark, and Airflow

Data science applications provide much of the power behind Agari’s e-mail security products. The e-mail landscape is vast and dynamic, and we require the ability to regularly analyze incoming data. Models including forwarder classification, malicious campaign identification, domain reputation, and inbound sender modeling are created on hourly to daily cadences. We therefore need a fast and cost...
Blog

Data Science at Agari: Forwarder Classification

MotivationAmong the challenges that our engineering team faces is the ability to classify an email-sending entity as a forwarder. At Agari, we are primarily interested in the authentication of emails from originating senders. Forwarders are defined as entities which forward messages from originating senders as well as from other forwarders. Examples include servers in educational institutions,...
Blog

Scaling Postfix on AWS with Elastic Load Balancing

Agari's mission to solve email phishing often presents unique technical challenges. Our data ingestion process involves coping with large-scale inbound SMTP traffic. We've chosen Postfix as our MTA of choice. The traditional way to scale SMTP is simply to maintain MX records for multiple ingestion paths. This works but can be very limiting. Agari's Amazon Web Services-hosted infrastructure...
Blog

Agari Recognized by OTA for Commitment to Online Trust and Security

Fourth consecutive year that Agari is honored for its leadership in brand protection, privacy and securitySAN MATEO, Calif. – June 16, 2015 – Agari, the leading provider of data-driven security solutions that detect and prevent advanced email cyber threats, today announced it has been chosen for the Online Trust Alliance (OTA) 2015 Online Trust Honor Roll for the fourth year in a row. Each year,...
Blog

Why Email Marketers Need to Know About DMARC and Email Security

By Brad van der Woerd, Director, Market Intelligence & Deliverability at Yesmail Read original post here.Early last year, we published a blog post informing marketers about the occurrences of cyber crime within the email security landscape via methods such as email phishing and domain spoofing. We also shared details about a form of email technology called Domain-based Message Authentication,...
Blog

Leveraging AWS to Build a Scalable Data Pipeline

Data-rich companies (e.g. LinkedIn, Facebook, Google, and Twitter) have historically built custom data pipelines over bare metal in custom-designed data centers. In order to meet strict requirements on data security, fault-tolerance, cost control, job scalability, and uptime, they need to closely manage their core technology. Like serving systems (e.g. web application servers and OLTP databases)...
Blog

Standalone DLP Solutions – Are They Right for You?

According to TATA Tele Business Services' blog in 2023, ". . .data loss prevention (DLP) has seen remarkable growth over the years and shows no signs of slowing down. . .and will continue to adapt and stay relevant." When we talk about data loss prevention, there are two major categories that DLP covers: DLP to stop sensitive data from being inadvertently accessed when an individual is...
Blog

Cyber Security Reflections on 2014

Over a year ago, Target publicly acknowledged the now infamous data breach. For many weeks afterwards, news of the Target breach dominated the headlines. Cyber security was no longer just a topic for security professionals; the topic had gone mainstream. Sadly, 2013 was quickly eclipsed by 2014 in terms of data breaches. In a report released on December 9th, 2014, the Identity Theft Resource...
Blog

The Fours Types of Senders: Forwarders

Series Introduction l Internal Infrastructure l Third Party SendersLet’s re-visit our cocktail party scenario to illustrate how this third type of sender works, because who doesn’t love a good party? Someone again hands you a business card, this time with a PayPal logo on it. You ask them how they like working at PayPal, and the person says, “I don’t work for PayPal. That guy over there gave me...
Blog

The Four Types of Senders: Third-Party Senders

Series Introduction l Internal InfrastructurePrevious article in the series can be found here.Let’s go back to the cocktail party scenario I talked about last week. Imagine you are at a cocktail party and someone you don’t know hands you their business card and the card has your company logo on it. Maybe you work for a big company and don’t know all your coworkers, so you don’t think twice about...
Blog

Agari Partners with Palo Alto Networks

In a further expansion of the Agari Trust Network’s data exchange program, Agari and Palo Alto Networks have partnered to exchange email-based threat data. The idea is simple, but incredibly powerful.1) Time to detection acceleratedAgari detects potential email-based malware in near real-time. This leads to faster detection of email-based malware than previously possible by any security solution....