Start-up Agari debuts with security to stop fake e-mail, phishing attacks

Start-up Agari debuts today with cloud-based e-mail security services aimed at allowing enterprises and e-commerce companies to identify and block fake and spoofed e-mail exploiting their legitimate business domain names to conduct scams and phishing attacks.

Facebook and YouSendIt are among the early adopters of the Agari technology, according to Patrick Peterson, founder and CEO of the company, which is based in Palo Alto.

Facebook community forum swamped by spam during Thanksgiving

"They understood how e-mail identity is being abused," says Peterson, who adds the Agari service allows Facebook, for example, to set policy controls and automatically block fake e-mail attempting to exploit Facebook's legitimate domain names used for e-mail.

Agari's protective filtering relies on the big e-mail providers to make it work, and Agari so far has gotten AOL, Google, Microsoft and Yahoo on board to integrate the Agari technology directly into their e-mail systems to be able to detect fake e-mail. Today, Google product manager Adam Dawes, AOL mail engineering lead Charlie Biegel, Microsoft general manager, safety services, John Scarrow and Yahoo Mail senior director of product management David McDowell each voiced support for the Agari platform to stop illegitimate sources of e-mail.

This accounts for about 1 billion e-mail boxes, says Peterson, noting that there's no financial arrangement with the four big e-mail providers regarding supporting the Agari platform. Already, about 1.5 billion messages each day are now being securely filtered using Agari technology to weed out e-mail attack traffic for customers. While this is a big step, Peterson is the first to admit more is needed.

The Agari service is intended for businesses to be able to set e-mail security policies from the Agari portal that AOL, Google, Microsoft and Yahoo will automatically implement on their behalf to block e-mail detected to be fake and abusing the legitimate domain name of the business, with what Peterson says is a "one in one million false positive rate." Customers using Agari can also show a stream of any blocked e-mail determined to be spoofed or fraudulent.

Agari's technology is called the Agari Email Trust Fabric, and it makes use of established Internet protocols DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF). Peterson says about half of all Internet mail today is SPF and DKIM-signed already, and customers using the Agari service must support it, too.

But the Agari service at this point doesn't provide this security filtering for e-mail destined for the typical corporate e-mail server, and thus is more consumer-focused in that regard for now. "This is not for [Microsoft] Exchange," says Peterson but adds Agari is working on finding a way for its technology to apply to various corporate e-mail servers as well.

Also, as of yet, the Agari system wouldn't stop attackers that could evade the Agari e-mail filtering process by using, for instance, European telecom or ISPs which don't yet support Agari filtering.

Because there's such a mammoth stream of spam each day, AT&T and other ISPs already make great efforts to block it, which "is a great and important technology," Peterson says. What Agari adds to this effort, he says, is a way to detect and notify an enterprise about any attempt to steal their specific business e-mail identity in order to trick people into opening fake e-mail that might be loaded with malware or is a phishing attack designed to look like e-mail from a company or someone they know. Agari has some competition in this segment, with company Return Path also seeking to win in the e-mail assurance arena.

"Agari means to win in Japanese," Peterson says. The company, formed in October 2009 and now with 13 employees, has received about $2.5 million in venture capital backing from Alloy Ventures, Battery Ventures, First Round Capital and Greylock Partners.

The history of Agari has roots at Cisco, where Peterson, a Cisco Fellow involved in research, convinced Cisco to let him go off and establish the company based on technology Peterson was developing before joining Cisco as part of the IronPort acquisition. But Peterson still retains his position as Cisco Fellow, though cutting back on hours to spend most of his time at Agari. Cisco, while it's said not to be an investor at Agari, does gain benefits such as access to security information of interest, and a chance to co-market Agari services to Cisco customers.

Read more about wide area network in Network World's Wide Area Network section.

This story, "Start-up Agari debuts with security to stop fake e-mail, phishing attacks" was originally published by Network World.

Copyright © 2011 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon