Cofense Achieves SOC 2 Type II Compliance for PhishMe and Hosted Triage

Phishing Defense Leader Continues to Pursue Compliance Certifications for Data Security

LEESBURG, Va.May 16, 2019 — Today Cofense™, the global leader in intelligent phishing defense solutions, announced it has successfully completed a Service Organization Controls (SOC) 2 Type II examination for Cofense PhishMe™ and Hosted Cofense Triage™. These product lines provide technology to help organizations train their employees to identify potential phishing risks and properly handle phishing attacks by individuals attempting to manipulate or deceive email recipients. Coalfire Controls, LLC, an independent CPA firm, conducted the audit.

SOC 2 compliance is a key industry standard in data security. Designed for entities operating in the technology and cloud computing sector, SOC 2 evaluates a service provider’s ability to securely manage customer data. In pursuit of this certification organizations undergo a rigorous analysis that includes the following trust services criteria: security, availability, processing integrity, confidentiality and privacy. Cofense achieved SOC 2 Type I compliance in February 2018, which is based on having the suitable controls in operation. For Type II, Cofense successfully showed the effectiveness of these controls over a period of time.

“Pursuing industry-leading certifications is just one way Cofense continues to demonstrate our commitment to larger compliance efforts that exceed enterprise standards,” said Keith Ibarguen, Chief Product Officer, Cofense. “SOC 2 Type II compliance is a proven standard to ensure the processing integrity, availability, security, confidentiality and privacy of customer data. Cofense aims to not only help our customers maintain strong security through our innovative technology offerings, but to also maintain strong relationships and trust through our own security and privacy practices.”

“Many organizations outsource information security operations to third-party vendors, and if their data is not handled securely, risk of exposure to data theft, extortion and malware increases dramatically. Given this threat of exposure, SOC 2 Type II is essential for organizations to clearly demonstrate the security control posture of their solutions,” states Chris Beiro, Sr. Director, SOC Practice, Coalfire. “Coalfire examined the PhishMe and Hosted Cofense Triage solutions and found that controls were suitably designed and operating effectively to provide reasonable assurance that the trust services criteria were met throughout the review period.”

The purpose of SOC standards are to help provide confidence and peace of mind for organizations and their third-party partners. Cofense maintains policies, strategies and processes that are designed to satisfactorily safeguard customer data. For more information, please visit http://www.cofense.com.

About Cofense 
Cofense™, formerly PhishMe®, is the leading provider of intelligent phishing defense solutions world-wide. Cofense delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organizations in defense, energy, financial services, healthcare and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise.

Media Contact 
press@cofense.com

Cofense Partners with NINJIO to Bring Hollywood-Style Storytelling to Security Awareness Offering

Leesburg, Va. – May 8, 2019 – Cofense™, the global leader in intelligent phishing defense solutions, announced a partnership with NINJIO, a leading creator of cyber security awareness training. NINJIO’S cyber security content will be accessible by customers using the Cofense PhishMe™ platform, an award-winning phishing simulation and training solution. Cofense PhishMe administrators can leverage NINJIO videos, or “episodes” as NINJIO refers to them, as part of their on-going security awareness training and phishing defense programs.

Cofense Announces Key Additions to Leadership Team

New Hires to Fuel Company Growth in All Aspects of Sales, Marketing, and Product Development

Leesburg, Va. – April 18, 2019 – Today Cofense™, the global leader in intelligent phishing defense solutions, announced the addition of four security leaders to their executive team. Kevin Fliess joins Cofense as Senior Vice President of Marketing; Keith Ibarguen, as Chief Product Officer; Marcus Conroy, as Vice President of Americas Sales; and David Janson has been promoted to Vice President of International Sales from his previous position as Vice President of European Sales. Following the strongest fourth quarter (2018) and first quarter (2019) in company history, these additions will contribute to Cofense’s leadership and culture as the company executes the next phase of its growth strategy and expansion.

Cofense To Host Fourth Annual Phishing Defense Summit and User Conference

Cofense Submerge features industry expert speakers, including a keynote by FireEye CEO,
and sessions focused on latest security threats and incident response trends

Leesburg, Va. – April 16, 2019 – Today Cofense™, the global leader in intelligent phishing defense solutions, announced that registration is open for the fourth annual Submerge phishing defense summit and user conference. The event, set to take place Sept. 23-24, 2019 in Orlando, Fl., will bring together industry experts with practitioners who are on the front lines to discuss the security threat landscape and share phishing defense strategies. Featured speakers include Kevin Mandia, CEO of FireEye as a keynote, along with Cofense’s Co-Founders, Rohyt Belani, CEO, and Aaron Higbee, CTO.

Cofense Launches Responsive Delivery Capabilities to Strengthen Effectiveness of Global Anti-Phishing Programs

New feature for Cofense PhishMe enables operators to deliver phishing scenarios only when a user is actively performing tasks in their mailbox

Leesburg, Va. – Feb. 28, 2019 – Today Cofense™, the global leader in intelligent phishing defense solutions world-wide, announced the addition of Responsive Delivery to its flagship product for phishing simulations. This first-to-market feature enables Cofense PhishMe™ Enterprise edition operators to deliver phishing scenario emails only when intended recipients are actively performing tasks in their mail client. Responsive Delivery gives operators confidence that simulations will not be missed by a user who is away from the desk and ensures that the scenario email is delivered directly to the inbox without interruption.

Cofense Vision Offers SOC and IR Teams Greater Visibility into Phishing Threats Delivered to Inboxes

Newest addition to Cofense phishing defense solution suite reduces the risk of phishing attacks, enables security teams to quarantine unreported threats

LEESBURG, VA. – Feb. 26, 2019 – Today Cofense™, the leading provider of intelligent phishing defense solutions world-wide, announced the general availability of Cofense Vision™, the company’s newest solution for protecting organizational assets from phishing attacks. Effective defenses against phishing must include visibility into the threats that bypass technical controls and are delivered to a user’s mailbox. Users of Cofense Triage™ can already prioritize and understand these threats, and now with the addition of Vision, security operations center (SOC) and incident response (IR) teams are able to identify and quarantine all messages that made it into a mailbox and pose a threat with more speed and efficiency.

Every day, phishing emails bypass perimeter defenses to become ticking bombs in employee mailboxes. In fact, the Cofense Phishing Defense Center determined that as many as one in seven suspicious emails reported by end-users are malicious, based on analysis of more than 2 million emails in 2018. During that time, Cofense found over 55,000 credential harvesting attacks designed to exploit SSO architecture and 25,000 campaigns hiding malicious files inside cloud services to avoid gateway detection. Left undiscovered, these attacks can cause serious damage to an organization. Integrated with the latest release of Triage, Vision identifies all messages that are part of a campaign across an organization and enables security teams to quickly find emails that were not reported by users and quarantine them directly from within Triage, ultimately mitigating their potential risk to the business.

“It’s not just one mail gateway technology that is chronically failing, our customers have multiple technologies in their filtering stack, yet phishing emails still make it in. The email search and quarantine tools on the market today are not fast enough, and don’t have the oversight in place needed to operationalize an auditable workflow inside of SOCs. Vision quickly identifies all recipients of complex phishing attacks and, with a single click, quarantines to remove the threat from all mailboxes,” said Aaron Higbee, Chief Technology Officer, Cofense. “You shouldn’t have to pay extra to your email vendor to remove the phishing email they failed to detect. Vision, either in combination with Triage or connected with existing SOC tooling, will deliver immense productivity gains for SOC and IR teams, so they can execute their jobs efficiently and better protect the company.”

Cofense uses technology for automation where it makes sense, with an emphasis on increasing human and organizational capabilities to reduce risks and quickly mitigate negative consequences when phishing attacks succeed. Triage improves automation by driving non-essential tasks out of the workstream to the point where the keen eye of an operator can make a good decision. Vision extends the capabilities of Triage, allowing SOC and IR teams to proactively hunt for unreported threats and create transparent audit and governance of mitigation actions.

Organizations that have taken a more proactive approach with threat hunting teams will find the Vision platform extremely beneficial, giving them the capability to search for indicators of compromise (IOCs) and tactics, techniques and procedures (TTP’s) of cyber threats in their mail environment even if a user didn’t report the message. Users are able to quickly find the other mailboxes where a suspicious email may reside (Vision Discover) and when that email is detected, quickly quarantine it to remove the threat (Vision Quarantine).

Cofense Vision is now generally available for Cofense Triage customers. For more information, please visit the website.

About Cofense

Cofense™, formerly PhishMe®, is the leading provider of intelligent phishing defense solutions world-wide. Cofense delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organizations in defense, energy, financial services, healthcare and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise.

 

Cofense Security Solutions Advisor Tonia Dudley to Speak at 2019 RSA Conference

Phishing Defense Expert and Board Member for the National Cybersecurity Society Will Present Two Sessions 

LEESBURG, VA. – February 22, 2019 – Today Cofense™, the leading provider of intelligent phishing defense solutions world-wide, announced that the company’s first Security Solutions Advisor, Tonia Dudley, will speak at the 2019 RSA Conference. Set to present two sessions, a Learning Lab on March 6 in a traditional Classroom setting, Dudley will discuss the need to develop long term strategies for phishing simulation campaigns and the value of a human touch in security. A second session on March 7, with a focus on automation vs human intuition. With more than a decade of cybersecurity experience, Tonia has managed cybersecurity incident response, security awareness programs, and IT compliance programs for large scale global organizations.

Cofense Recognized for Raising the Standards of Quality Customer Service

Technical Operations Center (Support) Stands Out for Excellence in Customer Service, Winning an ISPG Award and Being Named a Finalist for the HDI Conference Awards

LEESBURG, VA. – February 13, 2019 – Today Cofense™, the leading provider of intelligent phishing defense solutions world-wide, announced the latest industry recognition for their distinguished Technical Operations Center (Support). On Feb. 4, Info Security Products Guide (ISPG) named Cofense the Bronze winner of the Customer Service Department of the Year category for the 2019 Global Excellence Awards. In addition, the department was recently named a finalist for HDI’s Team Excellence Award. Both awards represent Cofense’s high standards for quality and customer service, a key element for ensuring that organizations remain protected from the many threats being launched against them.

Cofense Recognized for Raising the Standards of Quality Customer Service

Technical Operations Center (Support) Stands Out for Excellence in Customer Service, Winning an ISPG Award and Being Named a Finalist for the HDI Conference Awards

LEESBURG, VA. – February 13, 2019 – Today Cofense™, the leading provider of intelligent phishing defense solutions world-wide, announced the latest industry recognition for their distinguished Technical Operations Center (Support). On Feb. 4, Info Security Products Guide (ISPG) named Cofense the Bronze winner of the Customer Service Department of the Year category for the 2019 Global Excellence Awards. In addition, the department was recently named a finalist for HDI’s Team Excellence Award. Both awards represent Cofense’s high standards for quality and customer service, a key element for ensuring that organizations remain protected from the many threats being launched against them.

Cofense Announces New Cofense Triage Operator Certification

Incident Responders Gain Deeper Knowledge of Product Capabilities and Functionality to Analyze and Respond to Active Phishing Emails Faster

LEESBURG, VA. – Jan. 23, 2019 – Today Cofense™, the leading provider of human-driven phishing defense solutions world-wide, announced their Cofense Triage™ Operator Certification. Cofense Triage is the first phishing-specific orchestration, automation and response platform that helps stop active phishing attacks in progress. The Cofense Triage Operator Certification teaches incident responders best practices to make them more efficient and assures that organizations maximize the investments that they have made in Cofense Triage. This training is interactive, self-paced, and typically completed in just two hours.