Introducing OX Abuse Shield 2.0

Jan 16, 2019

features_security_platform_blog

Two years ago we announced the release of Dovecot Anti-Abuse Shield, which was one of the first software solutions to specifically address the issue of login and authentication abuse for hosted services such as email. Like all Open-Xchange software, Anti-Abuse Shield is based on a solid foundation of open-source and directly aimed at the pressing issues of brute-forcing and account compromise that affect all operators of large-scale subscriber services. It is now deployed at scale at multiple service providers in EMEA, APAC and the USA.

We've been steadily evolving the software in the last two years and incorporating a lot of feedback from our customers, such as a standardized and flexible policy, GeoIP support, and built-in connectors for Dovecot Pro and OX App Suite. Now we're pleased to announce the next evolution of the software: OX Abuse Shield 2.0.

You'll notice that we've rebranded the solution under the OX brand to better reflect that it works out of the box with Dovecot Pro, but also OX App Suite and any service that authenticates users and suffers from abuse.

However, the most important changes are the new features for login anomaly detection. The previous version focused mainly on looking for egregious "bad behavior" (e.g. too many different passwords, too many failed logins etc.), while the new version adds the capability to baseline "good" logins, and then detect when logins occur which deviate from that baseline. This leads to the ability to generate "suspicious login" notifications to subscribers, indicating that a potentially suspicious login has been detected, for example, a login from a new device.

These new features are made possible through the long-term storage of login reports in a database (Elasticsearch), which enables searching of that data to find anomalies. Another feature that long-term storage of reports enables is the ability to find potentially compromised users and IP addresses that are abusing the system, particularly those which are in the "long-tail" and thus not easily found by the policies available in the previous version.

We think that the new capabilities in OX Abuse Shield 2.0 give service providers even more powerful tools to fight the problems of authentication abuse, and we look forward to evolving the solution even more over the coming months and years. Read more about OX Abuse Shield here.

Also, follow Open-Xchange on Twitter and Facebook, and subscribe to our newsletter to stay informed about where you can meet Open-Xchange!

 

About the author

Neil Cook

Neil Cook

PowerDNS Head of Product

Categories

Related Articles

OX App Suite Software Subscription v8 – Delivering a better...

For over 15 years Open-Xchange has led the market in hosted email solutions, right from when we released our first real SaaS...

Jan Tran Nov 29, 2023

Open-Xchange previews market’s first AI augmented email platform

Delivers practical application of AI to underpin efficient communications for SMBs Small and Medium Business (SMB) email...

Chris Holder Mar 22, 2023

New version of OX Drive app for Apple iOS available

With every update to Open-Xchange’s products, we increase their functionality and ease of use, in order to improve...

Götz Wohlberg Feb 3, 2022

New versions of OX App Suite, OX Documents and OX Guard available

With every update to Open-Xchange’s products, we increase their functionality and ease of use, in order to improve...

Benjamin Otterbach Dec 10, 2021