Email Security: Agari Delivers a Whole New Level of Actionable Insight to Outpace Threat Actors

5 min readJan 26, 2021

By Art Chavez, senior product marketer, Agari

CISOs and their teams are about to get some serious performance enhancers in their high-stakes race against email security threats.

According to the FBI, phishing campaigns, business email compromise (BEC) scams, and other advanced email attacks have resulted in $26 billion in business losses over the course of three years. Then 2020 happened.

With 75 million corporate employees even now still working from home due to distancing mandates, the scramble to secure an ever-expanding attack surface against a growing universe of threat actors has made actionable threat data as valuable as it is rare.

Until now. Thanks to Agari’s Winter 2021 Release, CISO organizations, SOC analysts, and messaging teams will gain a whole new level of visibility into the email threats targeting their businesses — faster and easier than ever before.

Hybrid Email Environments: One Console to Protect Them All

Nowhere is this more urgent than in rapidly evolving cloud environments. Today, many large organizations combine public, private, and on-premise resources to reduce costs and scale innovation, while keeping critical data on-premise to meet specific business and regulatory requirements.

But with phishing and BEC attacks against businesses operating within G-Suite, Yahoo, and especially Office 365 on the rise, so are the complexities associated with securing hybrid email environments. Especially when hybrid systems can require separate email security systems with completely different logins, interfaces, and workflows.

But new features in Agari Phishing Defense™ changes all that. Whether in the midst of a cloud migration or intent on maintaining a hybrid environment long term, you can now protect all employee inboxes from email threats regardless of location — within O365, or on Exchange. All through a single interface.

Best of all, efficiency is just the start of it. Unified administration enables consistent security policies across the organization and minimizes the opportunity for error. In real-world implementations, these capabilities have been shown to reduce administrative overhead by more than 60% compared to maintaining a separate console in each environment.

Dialing Up Defenses With Expanded DMARC Data

Enhancements to Agari Brand Protection™ include a dramatic expansion of our global DMARC data network to several thousand new ISPs and third-party providers worldwide.

To those in the know, DMARC (Domain-based Messaging Authentication & Reporting) gives brands control over who’s allowed which domains are allowed to send emails on their behalf. It also enables email receiver systems to recognize when an email isn’t coming from a brand’s approved domains, and gives the brand the ability to tell the email receiver systems what to do with those unauthenticated email messages.

By increasing the breadth and diversity of sources for the DMARC RUA reports we process and expose via the Agari portal, you get an unprecedented level of DMARC visibility across all the registered domains you use to conduct business.

Portal Power: Real-Time Intel on the Threats Targeting Your Company

One of the things that has me most excited about our Winter Release is the launch of Agari Active Defense’s threat portal. Now, customers will have access to real-time threat data and historical trend lines on the specific phishing and BEC attacks their organizations.

With this portal, clients have instant access to pressing questions: What kinds of BEC scams are targeting which of your employees? Who are the threat actors behind these attacks? Which mule accounts are they attempting to use? What financial exposure were you able to eliminate using Agari services and solutions?

The Threat Portal arms your teams with the insights they need to understand the unique characteristics of specific attacks targeting your organization and how they compare to global trends — so you can optimize your defenses, reduce risk, and quantify the value of investments and initiatives. I mean, how cool is that?

Work Smarter: Integrating
Agari Threat Data into Splunk, XSOAR & Sentinel

It’s no secret that today’s security skills shortage means SOC teams often lack the people and scalable processes to keep pace with an escalating volume of alerts and never-ending security tasks. On their own, the SIEM and SOAR tools they use often lack out-of-the-box, email-specific workflows and can be limited in their ability to support prioritization, forensic analysis, impact analysis, triage, remediation and reporting.

As a result, analysts are forced to pivot across multiple consoles for data collection, mitigating false positives and performing manual, repetitive tasks throughout the lifecycle of an incident.

But Agari has the answer. New with our Winter 2021 release, customers can now integrate Agari threat data directly into Splunk SIEM, Palo Alto Networks Cortex XSOAR, and Microsoft Sentinel. With the ability to track security incidents through a single pane of glass, teams can enhance their preferred solutions and quickly remediate email threats before they lead to costly fraud or data breaches.

Avoiding the Blame Game

As you can see, our latest enhancements provide our customers and their teams with a whole new level of insight into the specific threats their organizations face, and the situational awareness they need to stay ahead of the bad guys before it costs them big.

Because here’s the thing. We talk a lot about direct financial losses from BEC and phishing attacks, as well as how email is still implicated in 7 in 10 corporate data breaches — to the tune of $8.6 million per incident. And plenty has been written about the alphabet soup of regulations taking hold here and around the world.

But to me, it’s case law that may make the strongest argument for deploying solutions to help your organization outpace the wolves at your door. If recent court cases are any indication, the party who is in the best position to prevent getting impersonated in phishing attacks, or protect against losing money to email imposters should bear the cost of the crimes.

In my book, the safest bet is to get the actionable data and visibility you need to avoid being on the losing end of either of those scenarios.

To learn more about how our Winter 2021 Release helps you secure the upper hand in email security:

Read the official announcement and sign up for a Self-Service Demo Experience for:

Agari Phishing Defense
Agari Brand Protection
Agari Phishing Response
Agari Active Defense




Agari is the Trusted Email Identity Company™, protecting companies and people from phishing and socially-engineered email attacks.