Phishing, BEC, and spoofing — stopped before the inbox.
Business email compromise is the leading cause of financial fraud in Indian businesses. Golonex deploys, monitors, and manages your email security layer — with named engineers accountable for your protection.
Six threat types. One managed layer.
Every category below is actively monitored and blocked — not just filtered by a static ruleset. Golonex engineers tune and respond, not just report.
Business Email Compromise (BEC)
Impersonation of executives, finance teams, and vendors — detected and blocked at the gateway before it reaches a user.
Spear Phishing
Targeted attacks crafted for your organisation. Behavioural AI identifies threats that signature-based filters miss.
Malicious Attachments & Links
Zero-day sandboxing detonates suspicious attachments and URLs in an isolated environment before delivery.
Spoofing & Domain Impersonation
DMARC, DKIM, and SPF enforcement blocks unauthorised senders from spoofing your domain.
Ransomware via Email
Malicious macros, loaders, and droppers are identified and stripped before execution.
Account Takeover Detection
Anomalous login patterns and forwarding rule changes are flagged and reviewed in real time.
Deployment, monitoring, and reporting.
A managed email security engagement is not a product licence handoff. We own the configuration, tuning, and response.
- ✓ Email gateway deployment and tuning (cloud or on-premise)
- ✓ DMARC / DKIM / SPF record setup and enforcement
- ✓ Ongoing monitoring, alert triage, and false-positive tuning
- ✓ Monthly threat summary report with findings and actions taken
Why managed email security?
A product licence does not protect you. A tuned, monitored, and accountable service does.
- → Email is the #1 attack vector — 90%+ of cyber incidents begin with an email.
- → Misconfigured filters let threats through and block legitimate mail. Tuning is an ongoing discipline, not a one-time setup.
- → Named Golonex engineers own your configuration — not a vendor portal you manage yourself.
Frequently asked questions
Do you replace our existing email platform — M365 or Google Workspace? +
No. We add a managed security layer on top of your existing platform. Email continues to flow through M365 or Google Workspace; the security gateway sits in-path and filters threats before they reach the inbox. Your IT team retains ownership of email administration; Golonex engineers own the security configuration, tuning, and monitoring.
What does "managed" mean — is this just a product licence? +
No. A managed email security engagement means Golonex engineers own the configuration, tune filters based on your traffic patterns, triage alerts, and respond to incidents. You don't log into a portal and manage rules yourself. Monthly reports show what was blocked, what was investigated, and what changed — so you have a record, not just a running service.
How long does DMARC enforcement take? +
DMARC setup — publishing the DNS record — takes minutes. Moving to a fully enforced reject policy safely typically takes 4–8 weeks: we start at monitoring mode, analyse legitimate senders that would fail authentication, fix misconfigurations, and move to enforcement once you're confident no legitimate mail is at risk.
Is this relevant for Indian banks under the RBI cyber framework? +
Yes. Email phishing is explicitly referenced as an attack vector in RBI's cybersecurity guidelines for banks and co-operative banks. Anti-phishing controls at the gateway layer — including DMARC enforcement, sandboxing, and BEC detection — are an expected component of a bank's email security posture and IS audit evidence pack.
What happens if a threat gets through the gateway? +
Threats that reach the inbox trigger an alert in the SOC. We can retroactively pull delivered messages from mailboxes, notify affected users, and investigate whether any link was clicked or attachment opened. Our SLA includes a response-to-investigation timeframe — not just an alert notification with no follow-through.
Stop the next phishing attack before it lands
Share your current email platform and volume. We will assess your exposure and propose a protection layer within one business day.