Identity Driven Email Anti-impersonation (IDEA)
Next Generation Platform
The Valimail Identity Driven Email Anti-impersonation (IDEA) platform, the world’s most robust machine learning and domain identity-based system for fighting fraudulent email, is the foundation for all Valimail products. Using patented machine learning algorithms, IDEA protects organizations against the #1 security threat, email impersonation, by allowing only trusted senders to the inbox.
As part of a layered approach, Valimail's IDEA platform closes the gap left by traditional security approaches that can't defend against impersonation-based fraudulent email. The Valimail IDEA platform runs on a robust, distributed Amazon Web Services infrastructure, with multiple points of presence in the U.S., EMEA, and Asia. It guarantees four nines (99.99%) of availability, and is backed by Privacy Shield certification and SOC-2 Level 1 compliance.
For most organizations, correctly identifying all third-party email senders in their organizations is a challenge. Employees are constantly signing up for new cloud IT apps (what's known as "shadow IT"), so new senders appear frequently. Moreover, many of these apps outsource the transmission of their email to industrial-grade ESPs (Email Service Providers), making it difficult to determine the sender. The Valimail Service Identifier catalogs and identifies hundreds of third-party services and, using our proprietary Machine Learning system, is the only technology on the market that reliably discovers and correctly identifies not only big, well-known email senders but also the smaller SaaS apps that are more difficult to identify.
In the cloud IT era, it's more important than ever for IT and security teams to have control over email sent by third-party senders. The Valimail Enforcement Controller allows domain owners to define the list of third-party services and internal systems that can send email on their behalf, and ensures that email from all other sources is blocked. It knows the configuration details for hundreds of services, gives administrators and business stakeholders alike an easy-to-understand catalog of service names that they can select from, and translates their selections into the SPF, DKIM, and DMARC configurations needed to authorize those services, thereby providing one-step control over their entire email ecosystem. Configuration information for every service is updated dynamically, so users don’t need to know configuration details, and authorized services are always authenticated.
The Valimail Authenticator answers authentication requests from mail receivers/MTAs in real-time, and is responsible for implementing the domain owner's authentication policy as defined in the Enforcement Controller. Since it includes Valimail's patented InstantSPF™ technology that fixes the SPF ten-domain lookup limit, the Authenticator allows organizations to authenticate an unlimited number of services and overcome a persistent challenge to correctly authenticating email. Making changes to email authentication policy is easy and risk-free — no DNS change is required. The Authenticator propagates email sender configuration changes instantly across the globe and ensures that email receivers/MTAs always see the latest policy.
Security teams need in-depth reporting on their email ecosystems, and the Valimail Analytics Service provides a comprehensive view with the ability to deep dive into specific areas of interest. In addition to producing historical data, the Valimail Analytics Service can provide notifications and alerts based on observed real-time ecosystem activity. It provides data in a variety of formats: dashboards, notifications, automated reports, APIs, and webhooks. The Valimail Analytics Service also makes it easy to pull ecosystem data into SIEMs (including Splunk), making it fully actionable to SOC teams.
Valimail Threat Intelligence analyzes numerous sources of data, including billions of email authentication queries and aggregate receiver data, to identify email-based threats that target employees, customers, and partners. Valimail Threat Intelligence is based on a number of sources including millions of DMARC aggregate reports and proprietary data gleaned from the Service Identifier and other Valimail components. It gives customers actionable threat intelligence for take-downs and integration with other customer systems (e.g. a SIEM).