FAQ

  • Phishing and spear phishing
  • Business email compromise
  • Account takeovers
  • Identity spoofing
  • Credential theft
  • Malware, including ransomware, hidden in attachments
  • Malicious URLs to harmful sites
  • What other tools does Graphus integrate with?
Yes. You can receive real-time alerts or daily digest of alerts.
Graphus protects Gmail, but does not provide security functionality for Google Drive. Graphus does protect against attacks that are hosted on Google Drive and delivered via email.
Yes. Graphus fully protects Microsoft 365 users.
For larger organizations (>1,000 user accounts), Graphus can be implemented for a subset of accounts. Please note however that in this scenario, only the accounts within those subsets would be protected from cyberthreats. Organizations of 1,000 users or fewer must implement Graphus on all email accounts.
No. Once your administrator activates Graphus for your domain, it is automatically activated for all active user-accounts on your domain. Only IT/Security personnel needs access to the Graphus Customer Portal.
No, this doesn’t affect anything with the Graphus application. Graphus integrates with your cloud email platform through its API, and thus all interactions are monitored and protected independently of the client or device used to access emails by your employees.
Graphus subscriptions are priced per user-account protected (also sometimes also referred as inboxes). So, for example, if your subscription to Microsoft 365 (or Googe Workspace) is for 250 user-accounts, you need only pay for a 250-user account subscription to Graphus, regardless of how many aliases, or group email addresses you use.
Graphus personnel do not have access to your email or your Graphus Customer Portal unless you have subscribed to a Managed SOC plan that explicitly tasks Graphus with providing monitoring, investigation, and incident response services. Graphus processes emails in-memory to identify threats to your business. It does not store emails outside of your cloud email platform (Microsoft 365, Google Workspace). Graphus extracts and stores meta attributes in the Graphus Cloud. These attributes are accessible only by your authorized personnel and are used for investigating suspicious activities and in incident response to detected threats.
The Graphus Cloud uses an Amazon Relational Database Service (RDS) for encrypting and storing customer data (customer emails are not stored in the Graphus Cloud). Amazon RDS uses cutting-edge security and encryption technology. Two-factor authentication is supported for customers utilizing a username and password. Passwords are secured using PBKDF2 for hashing that employs salted passwords for each user with 1,000 iterations of hashing. The Graphus Portal uses Secure Transport Layer (HTTPS) for securing data in motion when accessed by customers using web browsers.
For Graphus Business and Graphus Enterprise subscriptions, only Microsoft 365 or Google Workspace Admins of your domain and/or other personnel for whom they have created a user account have access to the Graphus CustomerPortal. For Graphus MDR subscription, the Graphus SOC (security operations center) has access to the Graphus Portal to provide a full range of managed services (monitoring, investigations, and incident response) as part of a Managed SOC subscription.
Graphus is integrated with the Kaseya BMS and ConnectWise ticketing platforms for seamless alerting and mitigation. Whenever Graphus detects a phishing attack or a user reports a phishing message, the ticketing platform will automatically create a ticket containing the phishing email details.