New Technology Reduces E-Mail Threats By Rating Sender Legitimacy for Every IP Address in the World

ATLANTA, January 31, 2005 – CipherTrust, Inc., the leader in messaging security, today announced TrustedSourceâ„? 3.0, which reinforces an organization’s e-mail security by providing the most precise sender reputation scoring available. The additional capabilities of TrustedSource 3.0 builds on CipherTrust’s unparalleled accuracy and effectiveness, further strengthening the performance of the award-winning IronMail appliance. TrustedSource 3.0 is powered by CipherTrust’s global customer network, the largest enterprise e-mail security network in the world.

As a result of research into data collected from more than 1400 customers protected by IronMail, TrustedSource utilizes real-time data on enterprise e-mail traffic. The Message Profiler, technology at the heart of every IronMail appliance, examines each message and provides a highly accurate threat score based on deep message inspection and scoring techniques. The combination of these technologies produces the most complete and precise reputation system ever built.

“By examining and scoring every message seen by the broadest enterprise e-mail security network in the world, TrustedSource allows CipherTrust to leverage its leadership in an innovative way,” said Brian Burke, Research Manager for IDC’s Security Products service. “Precisely assessing sender reputation is an important component of the next generation of messaging security solutions.”

Guilty until Proven Innocent
TrustedSource continually tracks and provides reputation scores for the approximately 50 million IP addresses that send e-mail frequently to enterprise recipients within CipherTrust’s global customer network. By identifying the IP addresses that regularly communicate with enterprises, CipherTrust research was able to focus on the senders that have not been regular communication partners in the past. What they found is that 30% of the average enterprise’s message flow is from senders that rarely, if ever, send e-mail. CipherTrust has determined with a distinctly high probability that these unknown senders are likely “zombie” machines that have been taken over by hackers to send spam, viruses, phishing scams and other unwanted messages. Every hour, over 18,000 new zombies are detected by TrustedSource.

By applying this principle, TrustedSource 3.0 provides a reputation for every sender, regardless of whether IronMail has encountered the sender before or not. These new senders are “guilty until proven innocent,” forcing a new IP address to demonstrate good behavior to earn a positive reputation score. This, in effect, slays the zombie networks by blocking messages from likely compromised machines.

Key to maintaining IronMail’s market leading accuracy and effectiveness in blocking bad messages is CipherTrust’s patented Message Profiler. The Message Profiler technology tests thousands of message characteristics and utilizes TrustedSource data to determine the threat presented by each message. Message Profiler does not depend on any one characteristic to assess a message, so the risk of “false positives” (rejection of legitimate e-mail) is miniscule, even with new senders.

Constant Feedback and Still No “Pay to Play”
Unlike competing reputation systems that do not use customer data to derive reputation scores, TrustedSource constantly tunes sender reputation based upon actual results from the field. This feedback system ensures that each sender’s reputation is accurate and timely, a critical requirement given the dynamic nature of today’s e-mail threats. Furthermore, there is no way to bypass TrustedSource by buying a bond to get onto a “safe” sender list and bypassing security defenses. CipherTrust maintains that good sender reputation is earned, not bought.

“Based on our research, the behavior of IP addresses, and TrustedSource’s feedback mechanism, which leverages information from the largest enterprise e-mail network in the world , our reputation system is far more precise when assessing the legitimacy of each sender,” said Dr. Paul Judge, chief technology officer at CipherTrust. “Now, with the work we’ve done in analyzing the behavior of new e-mail senders, we’re able to derive reputation scores for all of the 4.2 billion IP addresses that could potentially send e-mail. The result is more accurate and effective e-mail threat handling for our customers, whether they have seen the sender before or not.”

TrustedSource 3.0 is available immediately and is already in use by existing IronMail installations.

About CipherTrust, Inc.
CipherTrust, Inc. is the leader in messaging security. Recognized by IDC as the market leader, the Company’s award-winning IronMail appliance protects the messaging systems of more enterprise e-mail users than any other solution, including more than 30 percent of the Fortune 100. CipherTrust pioneered messaging security by uniquely combining the five critical e-mail security components of spam and fraud prevention, virus and worm protection, policy and content compliance, e-mail privacy, and intrusion prevention into a single easy to deploy and manage platform. The Company is backed by top tier investors including Battery Ventures and Greylock Partners. For more information about CipherTrust, please visit www.ciphertrust.com or call 877.448.8625.