January 2023

At InQuest, we’re obsessed with finding malware, exploits, zero-days, phishing lures, ransomware, data loss violations and more - cleverly hidden within the everyday files your end-users interact with. And, of course, it is a well-worn maxim that 94% of all malware is delivered via email.

December 2022

How SPF, DMARC, and DKIM and Other Email Authentication Techniques Help Protect Against Malware, Ransomware, and Phishing Imagine a utopian world where you could be sure that you only received email that you wanted, you knew it was from a legitimate sender, and you were sure it was not laced with malware, ransomware, phishing lures or other nefarious trickery. Now wake up! There is no utopia. But, there are specific - and simple - measures you can take to live in a less dystopian email world. And surprisingly, many organizations remain exposed.

April 2022

Calculating Return-on-Investment (ROI) When you’re considering making an IT or InfoSec procurement, how do you determine what your return on investment (ROI) or return on security investment (ROSI) will be? The problem is that the standard calculation to evaluate investments is based on expected cash flow, in the form of revenue earned or expenses avoided: ROI, Net Present Value (NPV), and Internal Rate of Return (IRR). The total cost of ownership is commonly used for IT investments but is exclusively based on fees by totaling the initial purchase price plus ongoing support.

October 2021

Email Security: Part 1 - How email works: In Part 1 of the Email Security Blog series, we discuss how email works. Read through the process, a description of different mail protocols, and some key terminology. The second part of the series will cover how the InQuest Email Security capability is installed, while the final part will cover the features to include detection or prevention for ransomware, VIP impersonation, phishing, password-protected attachments, invoice fraud, crypto scams, brand impersonation, and other forms of ever-evolving social engineering.

August 2021

The Trystero Project The "Trystero Project" is our code name for an experiment that we're actively conducting to measure the security efficacy of the two largest mail providers, Google (Workspace, aka GSuite) and Microsoft (O365), against real-world emerging malware. The name and icons are sourced from Crying of Lot 49, a novel written by American author Thomas Pynchon and published in 1965. Why e-mail security?

June 2021

According to the 2020 Verizon Breach and Investigation report, Email is still the most common vector by which organizations are attacked. The importance of implementing email security best practices, therefore, cannot be exaggerated, considering most enterprises rely heavily on this channel for everyday business communications.