95% of attacks start with a phishing mail - are you really protected?
Shaped and influenced by experts at the UK’s GCHQ and NCSC in cooperation with academics and cyber experts from world leading academic and research centres, Aquilai’s Ajax technology is secure and unique.
The first enterprise class solution influenced and guided by UK Government and Cyber Intelligence agencies that is truly effective against email phishing today.
Ajax Intelligence is the first system to analyse email like a human cyber expert. Its Artificial Intelligence based security platform prevents a range of phishing threats using real-time technical checks and linguistic analysis to keep your employees and organisation safe
Previously known as Cybershield, AQUILAI is an Alumni of the GCHQ Cyber Accelerator and founder member of London Office for Rapid Cyber Acceleration (LORCA)
Ajax Intelligence detects & alerts employees when they are targeted by cyber criminals
Unlike consumer phishing email campaigns (high volume, broad in scope), spear phishing attacks are highly targeted. These attacks use carefully crafted emails combined with social engineering tactics to convince the victim to open and engage with the email.
Cyber criminals and state actors will often leverage data from breaches and social network sites, as well as public data about an organisation and its employees. These emails appear to come from a trusted sender, and ask the recipient to perform an action, which typically is to click on an embedded link, open a webpage and enter a password. Once this action is taken, the cyber criminal is able to steal confidential information, or build a persistent threat into the organisation where they can build backdoors to allow entry back into a breached network even if discovered.
Ajax Intelligence has been designed from the outset to detect newly created spear phishing emails and therefore does not rely on previous signatures. Looking at technical, linguistical and meta-data, of an email, gives Enterprise grade security to cloud based SME’s.
The image is a large test where phishing emails were sent through various “spam filters”. Because phishing is deceptive in nature and not spam (unwanted marketing emails), the phishing emails mostly get through to users inboxes. Only specialist phishing detection algorithms are effective against the phishing threat companies face.
Email gateways can be good at stopping mass spam or known phishing campaigns, by identifying known signatures to stop obvious patterns. However, advanced attacks utilising spear phishing techniques, often escape static rules because the text does not register any obviously spam based keywords with to much weighting being given to the sender’s reputation.
Email gateways typically look to infer phishing, by looking for attached malware and embedded links going to known identified phishing websites. However attackers use a much more researched approach with the email coming from legitimate email addresses without any obvious malicious signals. It becomes doubly difficult as the email subject can parrot the interests or job role of the potential victim.
DMARC was not built for the cloud era and have built-in limits that make them challenging for companies that have embraced cloud services. If your company is using more than three cloud services that want to send email on your behalf, you need to list those cloud services’ mail servers by IP address. Many companies lack the confidence that they’ve identified all the legitimate services that should be able to send email on their behalf. The consequences of an error can be high. IT administrators know the risks, so they are reluctant to take DMARC all the way to enforcement mode until they are absolutely sure it’s not going to cut off any critical services. Given the problems with DMARC’s complexity and its built-in limitations, that state of absolute confidence may never arrive. Even if this state is arrived at you still need to consider maintenance, management, and alerting/notification. The sorry truth is that companies start with the best of intentions, but then get into a lot of hot water and never get past monitoring mode of DMARC. The reality is DMARC is simple in principle but complicated to manage in today’s modern cloud-centric world.
Due to these complications and on-going administration costs DMARC becomes a show stopper for most cloud based SME’s, who need easy to implement and manage email security solutions.
Ajax intelligence can be installed in minutes, is intuitive for users to understand, and for the first time gives companies analytics to understand their own phishing threat profile. Ajax continually learns and evolves to offer up to date protection to every user automatically. .
Ajax Intelligence, prevents forgery of both internal employee email and external branded email. By using Ajax, users are trained to spot signs of phishing attempts they and their organisation receive.
Ajax does not interfere in mail delivery, eliminating lost emails, outages, and delays common to gateway email security solutions.
Ajax helps employees of companies as it detects technical exploits and social engineering exploits designed to target people and deceive them into doing the wrong thing.
This early alert helps solve the educational challenge of stopping employees clicking on malicious links, opening unknown attachments or following illegitimate instructions.
With this real time detection in place cyber breaches can be dramatically reduced and companies can be safer from business disruption, financial loss, and reputational damage than ever before.
Ajax gives employees their own virtual cyber security expert to bolster defences and reduce the risk of becoming a victim to phising and spear phishing attacks.
All incoming emails processed and checked for indicators of compromise
Copyright © 2018 Cyber Security Defence - All Rights Reserved