What do you like best about the product?

Agari Phishing Defense provides a robust, and easily customizable, additional layer of e-mail protection on top of Office 365's built-in protections, and Agari Phishing Defense (along with Agari Phishing Response) are essential components of our overall e-mail security framework. It is much easier to create and customize phishing protection policies in Agari than in Office 365. Agari Phishing Defense provides an easy way to view the details of each message in order to effectively evaluate it, and it is easy to take actions on one or many messages (such as deleting it or moving it to the Inbox) . For example, it is easy to create policies to delete (or move to an Agari Quarantine folder or the Junk Email folder) any e-mails that are not authentic e-mails sent by service providers identified in the policy (e.g., delete any e-mail claiming to be from DocuSign that isn't 100% authentic). Agari can also sync with Active Directory and you can create a policy to automatically act on any message that has a display name matching an employee but was not sent through the company's e-mail system (or from a list of approved alternate e-mails, such as an employee's personal e-mail address).

What do you dislike about the product?

Agari does not have an easy way to create robust exceptions to phishing policies. For example, I would like to be able to create a policy (let's call it "Policy A") to delete e-mails that fit the criteria specified (e.g., e-mails that spoof our domain or are display name imposters) UNLESS the e-mail meets the criteria in Policy B (a policy created to identify legitimate e-mails from a particular bank's secure e-mail system) or Policy C (a policy created to identify legitimate e-mails from a listserv), etc. We can create Policy A with a delete action and Policies B and C with Move to Inbox actions, which sort of works. But the result is that (1) any filtering rules setup by end users (e.g., to filter listserv e-mails to a particular folder) are broken by the Move to Inbox action, and (2) we get a lot of false positive notifications when Policy A is triggered even though Policy B is subsequently triggered. I've been requesting this feature for years, but it hasn't been developed.

Since HelpSystems purchased Agari, the innovation and feature development of Agari Phishing Defense seems to have stalled out. Before the acquisition, Agari regularly held user panels for customers to provide feedback and discuss and evaluate upcoming enhancements, but since the acquisition, I have not heard about any such panels or received any invitations to participate. Agari Phishing Defense remains a solid and valuable e-mail security solution, but I am concerned about its longterm health. It is also hard to measure, but support requests seem to be taking a lot longer to be resolved now than they used to.

What problems is the product solving and how is that benefiting you?

Agari Phishing Defense helps us identify and delete e-mails that are display name imposters of employees, spoof our domain name or the e-mail addresses of partners, or are otherwise not authentic or trustworthy. It forms a critical component of our systems for protecting employees from phishing attacks.