New capabilities help organizations detect polymorphic coordinated phishing earlier, respond faster, and build lasting resilience
News highlights
- Cofense launches new advancements to its AI-driven Phishing Defense Platform to help customers defend against advanced phishing attacks.
- Cofense shifts phishing defense from individual email response to campaign-level action with AI-driven detection that tracks polymorphic attacks across their mutations.
- Cofense combines AI with human-validated intelligence to advance phishing defense, merging AI-driven detection with workflow and automation improvements.
LEESBURG, Va., May 13, 2026 -- Cofense, the leading provider of intelligence-driven post perimeter phishing defense, today announced new advancements to its Phishing Defense Platform to deliver a faster, smarter approach to stop phishing attacks powered by AI. The advancements include new AI-driven phishing detection capabilities, enhanced triage automation, and AI-assisted training campaign building for improved protection through the phishing lifecycle.
Today's phishing threats are no longer one-off emails. Attackers launch coordinated, polymorphic campaigns that deliberately vary content, senders, and delivery patterns to evade both traditional and AI-only detection approaches. The Cofense platform combines AI with human-validated intelligence, and full transparency into how AI decisions are made, to deliver Phishing Remediation and Phishing Training solutions to stop and prevent attacks with the speed of automation without sacrificing accuracy or trust.
"Phishing defense has to operate at the speed of the attack and today that means teams only have minutes to intercept a threat,” said Rachel Roldan, VP of Product at Cofense. “With Phishing Remediation detecting campaigns before they spread, then automating response at scale, and Phishing Training turning threat insights into training in real-time, we're giving organizations the ability to stay ahead, not just keep up.
Vision 3.2 Brings Campaign-Level AI Detection to Phishing Defense
Vision 3.2 and Triage 3.0 are available to customers of Cofense Phishing Remediation, an integrated solution that empowers security teams to rapidly detect, investigate, and remediate phishing threats that evade defenses. Vision 3.2 shifts phishing defense from individual email response to campaign-level action, with AI-driven detection that tracks polymorphic attacks across their mutations and surfaces coordinated threats before they slip past post-perimeter defenses. Key capabilities include:
- Campaign detection: Identifies coordinated attacks using clustering and pattern matching across related messages, catching threats that vary in content but share structural relationships.
- Polymorphic threat identification: Detects behavioral attack signals by leveraging AI to rapidly cluster and quarantine all members of a campaign, surfacing variants that evade both signature-based and AI-only controls.
- Campaign-level response: Enables security teams to contain all related threats at once, reducing blast radius once malicious activity is confirmed.
Triage 3.0 Advances Analyst Efficiency
Designed to accelerate response and reduce analyst overhead, Triage 3.0 coming later this quarter, combines intelligent automation and domain-based routing to help security teams act faster once a threat is confirmed. Key capabilities include:
- Response by domain: Routes automated response templates based on reporter domain, enabling security teams and MSSPs to manage multi-domain environments without manual triage overhead.
- Faster analyst workflows: Automates routine routing, so analysts focus on threats that require judgment, reducing time between a confirmed threat and containment.
- Relevant end-user communication: Delivers context-specific responses to reporters, improving communication quality across the enterprise.
AI-Assisted Training in Cofense Command Center
Available to Cofense Phishing Training customers, the latest Cofense Command Center updates introduce a new AI Assistant that cuts campaign creation from hours to minutes, using natural language to automatically recommend simulations, difficulty levels, and training content, enabling security teams to turn threat insights into targeted training the same day. A new Customization Portal gives customers complete control with the ability to edit templates, brand content, tailor quizzes, and automatically translate materials into different languages, ensuring training aligns with their organization's goals, culture, and brand standards. Together, these capabilities close the gap between identifying a threat and getting targeted training in front of the people who need it.
Vision 3.2, Triage 3.0, and the updated Cofense Command Center are available to Phishing Remediation and Phishing Training customers through the Cofense Phishing Defense Platform, giving organizations a single, integrated solution for phishing detection, response, and training.
About Cofense
Cofense is the leader in post-perimeter phishing defense, built for the reality that phishing gets through. Cofense helps enterprises identify threats already in employee inboxes, remediate active attacks fast, and reduce future risk. The Cofense platform combines phishing-specific AI with expert validation, automation, and collective insight drawn from millions of real-world user interactions. Human-supervised intelligence improves accuracy, eliminates guesswork, and accelerates response so security teams can act with confidence. Global enterprises including Mastercard, Accenture, and Toyota trust Cofense to strengthen organizational resilience against the most persistent cyber threat: phishing.