Most email security stops threats before they hit the inbox. Five layers, all working before the user sees the message. The trouble is the messages that get through. Phishing and BEC succeed because they look legitimate to filters. Once a message lands, the user is the last line of defense. Verisend is the sixth layer: a Microsoft 365 inbox app that shows users, visibly inside the message, which emails are verified legitimate and which deserve a second look.
Verisend installs as a registered application in your Microsoft 365 tenant. From there it deploys to a single user, a group, or the whole organization via a manifest. Once active, it inspects messages in the user's inbox and surfaces a clear visual signal directly inside Outlook: verified when authentication, sender history, and content all align, caution when something falls short.
The user does not have to interpret email headers, hover over a sender domain to read a tooltip, or guess. The verification state lives inside the message UI in Outlook, where the decision is actually being made. For regulated banking tenants, Verisend extends that signal further: inbound messages are checked against internal Know Your Customer data so verified-customer mail is visibly distinguished from impersonation attempts.
Verisend sits inside DuoCircle's broader Protect portfolio, alongside Phishing Protection and Spam Filtering at the gateway, with DMARC Report and SPF Management at the authentication layer.
A verified-legitimate signal where users actually decide, a clear caution state when something falls short, KYC-aware verification for banks, and a tenant-wide deployment model that fits Microsoft 365 the way Microsoft 365 was designed to be extended.
When authentication, sender history, and content signals all align, Verisend marks the message as verified directly in Outlook. The user does not have to interpret SPF, DKIM, or DMARC results, hover over a sender domain, or open headers. The decision context lives where the decision is being made.
When one or more verification signals fall short, Verisend surfaces a clear caution state with the user-facing context to act on it. The message does not get hidden, the user does not get a confusing red banner with no detail. The signal is specific enough to drive a sensible action.
Built for the specific attacks that cost CISOs the most sleep: a spoofed-style note from the CEO to finance asking for a wire, a vendor-impersonation invoice with subtly altered banking details, a pretexting email referencing a real internal project. These attacks evade filters by being plausible. Verisend works because the user gets context they can act on, at the point of decision.
For regulated banking and financial services tenants, Verisend can verify inbound senders against the internal Know Your Customer data the bank already captures. When a message matches a known customer, key customer information is retrieved and displayed in the inbox in real time, so impersonation attempts stand out by the absence of that signal.
Installs as a registered Microsoft 365 application and is rolled out via a tenant manifest. Scope can be a single user, a single group, or the whole organization. There is no per-endpoint installer, no client agent, no separate authentication system to manage.
Verisend is a DuoCircle product run by the same expert team that operates the rest of the portfolio. The roadmap and the support call go to the same group. When something breaks, the team that fixes it is the team that picks up the phone.
You are not on Microsoft 365. Verisend is built as an M365 application and rolled out via tenant manifest. For HCL Domino and IBM Notes environments, the right product is SpamSentinel, which is native to Domino. For Google Workspace, the built-in protection is genuinely strong and we do not have a sixth-layer product on Workspace.
You have not yet implemented the first five layers (SPF, DKIM, DMARC, anti-spam, anti-phishing). Start there. We can help: see SPF Management, DMARC Report, Phishing Protection, and Spam Filtering. Stack the upstream layers before adding the inbox layer.
Your users will not engage with additional inbox UI. The sixth layer assumes the user is part of the security stack. If your culture is closer to "the IT team handles all of that," the value proposition is weaker. We would rather be honest about that than sell a deployment that goes unused.
You need a full Security Awareness Training platform with phishing-simulation campaigns and behavioral analytics. That is a different product category. Verisend gives users a verification signal at the point of decision; it does not run a curriculum.
Verisend is licensed annually per user, with a 30-day evaluation guarantee that you will find it useful for stopping Business Email Compromise. Enterprise customers, Microsoft Managed Service Provider partners, and telecom carriers can reach out for volume pricing. Pricing on a serious deployment gets discussed on the call, not gated behind a procurement form.
When you contact us, you talk to an expert who has actually deployed Verisend in a Microsoft 365 tenant. We tell you whether the sixth layer fits your environment, what the user-facing experience will look like, and how the rollout plays out in practice. Reference calls with existing customers are available on request.
Same-day response. Real expert on the call. We set up a 30-minute demo in a real M365 mailbox and answer the technical questions directly.