What is Cyber Warden?


Cyber Warden is a cybersecurity company that provides various services such as:
  • Email Protection
  • Data Protection
  • Business Continuity
  • Disaster Recovery
  • Security Assessments
  • Policies & Procedures
  • Training
  • Incident Management
  • Virtual/Fractional CISO

Why do I need cybersecurity?


Every organization needs to protect their assets regardless of their size or value. Cyber criminals don't care if you have a little, or a lot of money. They are opportunists, and they'll happily take everything that you have. The sad part is, that once they have the money, there is zero chance of getting it back, so prevention is always the best policy.

What types of threats can Cyber Warden help protect against?


We can help protect against most threats - external or internal. It's not always the guy wearing a back hoodie hunched over a laptop in a darkened room that you have to worry about.
Our speciality is email security - this is often overlooked in most businesses, often with disastrous consequences.

What is Email Security?


Email was invented alongside the internet, and both have grown to become the core of today's online world. Unfortunately, email's evolution has been slowed by a lack of built-in identity. By default, anyone can send email pretending to be someone else, leading to email's identity crisis:

90%+ of all cyber attacks involve fake email

When email domains can easily be hijacked to send malicious email, reputations suffer, people lose trust, and fraud is allowed to spread.

Our view of email security goes far deeper than most of our competitors, who mostly provide point (incomplete) solutions.
We protect your organization by:
  • Protecting your brand
  • Preventing email spoofing
  • Providing visibility of all authorized and non-authorized senders of email claiming to be from your domains
  • Improve email deliverability
  • Adding spam/phishing/malware filtering protection to the protection provided by your existing mail provider.
  • Emergency "Business as Usual" email in case of a breach or outage
  • Audit of your existing security measures
  • Advice on remediating any issues identified
  • Awareness training for staff on phishing and malware best practice

How do you protect my brand?


As part of the onboarding process for Mail Aegis, we assist our customers to easily configure SPF, DKIM, DMARC, and MTA-STS (Mail Aegis Silver and above). We take care of all the required certificates, server configuration, and hosting of policies. All our customers have to do is create some DNS records.

SPF is Sender Policy Framework. This defines which servers are authorized to send mail from your domain.
DKIM (DomainKeys Identified Mail) is an email authentication method designed to detect forged sender addresses in email, a technique often used in phishing and email spam.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.
MTA-STS (Mail Transfer Agent Strict Transport Security) is a protocol which tells services that are sending mail to your organisation that your domain supports Transport Layer Security (TLS) 1.2 or higher, and that they must encrypt that mail as it traverses the internet with TLS. This protocol provides confidentiality to your messages as they traverse the internet similar to how HTTPS works, and makes email less vulnerable to man-in-the-middle attacks.
Most of our competitors don't offer MTA-STS because they consider it too difficult. We consider it essential.

Do you provide any guarantee that we won't get hacked?


No cyber security company can honestly make any guarantees. We help reduce the chances of anyone gaining access to your systems or data.

How do you provide visibility on authorized and non-authorized senders of email?


Protection such as DMARC and MTA-STS can't be very effective unless their performance/conformance is measured. Reporting is a key component of DMARC, and for MTA-STS, there is the TLS-RPT standard, so we include DMARC and TLS-RPT reporting, and present the reports so that you can see at a glance how the solution is working, and where the threats are coming from.

We already have an email filtering service. Can you help us just with brand protection, integrity, and confidentiality? (DMARC, MTA-STS and TLS-RPT)?


Yes, of course. Please get in contact and we can discuss your requirement. In the majority of cases we will have you up & running quickly and easily.

You don't offer DANE - Why not?


We don't currently offer DANE for three main reasons:
  • DNSSEC is still not ubiquitous.
  • The Certificate management requirement is too much overhead for most SMEs.
  • MTA-STS is "good enough" without the management overheads or DNSSEC requirements of DANE.

If we use Mail Aegis, will our emails be encrypted?


By default, we provide encryption of the communications channel between mail servers (data in motion), however we can't provide encryption of data at rest (your email server, or the other party's email server. That is up to you and the entities that you communicate with to implement something like S/MIME or GPG.
We can't absolutely guarantee that every message will be encrypted in motion and still be compliant with IETF standards, so we do everything that we can while remaining compliant.
  • MTA-STS
  • TLS-RPT to report on the MTA-STS policy
  • Our handshake offers strong encryption by default (rather than waiting for the other server to offer it). Only if no encryption can be agreed then the connection is made unencrypted, and reported.
From our TLS-RPT reporting, you can see which entities that you communicate with don't support TLS encryption (this is rare), and work with them directly to encourage them to support encryption. Of course, we can help with that part if you let us know, and we can offer you service credits for any successful referral :-)

What impact will Mail Aegis have on our user experience?


Zero impact on user experience - only positive improvements. No new email quarantine process No new email addresses No significant delay in receiving mail (usually less than 30 seconds) No extra logins No change to your existing email provider

Is Mail Aegis a cloud service?


Yes by default, however, we can discuss private instances in the location of your choice.

Does Mail Aegis work with Microsoft 365 or Google Workspaces?


Yes. Both are designed to accept mail from 3rd party mail filters such as Mail Aegis. The integration is very simple.

Will Mail Aegis work with my on premises email server?


Yes - absolutely. Mail Aegis is a great way to keep your on premises mail servers from being directly visible from the internet. We can even sign your outbound mail with your DKIM key so that it's fully compliant (and you don't have to set it up yourself).

I already use Google Workspace or Microsoft 365. Aren't I already protected?


Google & Microsoft both provide some protection, They will check DMARC, MTA-STS etc, but if you haven't configured your records, there is nothing for them to check, leaving you wide open to email spoofing etc. They also carry out some basic anti-malware and phishing checks, but these are not comprehensive, and let a lot of messages through that you really don't want to receive. This is why they have designed their platforms to integrate with 3rd party security platforms such as Mail Aegis, because two sets of eyes is always better than one.

If I use Mail Aegis, do I still need AntiVirus software?


Mail Aegis doesn't replace anything, it is designed to provide additional layers of protection. You should definitely be using Anti Malware software everywhere (yes - even on Mac or Linux machines).

Mail Aegis keeps bouncing messages from my customer/supplier/bank etc.


Mail Aegis requires that mail servers connecting to it handshake properly. Unfortunately, not only spammers & scammers have poorly configured mail servers - sometimes these belong to our customers, suppliers, and even banks. We are here to help though. We can help you tell them what is wrong with their mail server so that they can fix it, or if that is not possible/practical, we can allow-list them depending on the problem.

Do you keep a copy of my email on your servers?


No. We don't even have a quarantine facility by design. Although we do keep logs for a short time. We will NEVER share or sell customer data. Your privacy is our priority.

If you don't quarantine messages then how do I release suspected messages?


We mark suspected messages as spam or phishing, and forward them to your email provider, They will either quarantine them for you, or deliver them to your inbox clearly marked as suspected spam or phishing. If we really don't like the look of something, then we will either drop the connection to the sending server before the message is even sent (we can tell a lot about the trustworthiness of a sender just from the initial handshake), or we will bounce it during the analysis phase. Either way, a valid sender will know that the message was not delivered, and why not.

Which countries is Mail Aegis available in?


As a cloud service, Mail Aegis is available everywhere.

What are your billing and payment options?


We offer a choice of monthly or annual billing, and we can accept payment by direct bank transfer or by credit card.