Cofense Vision Offers SOC and IR Teams Greater Visibility into Phishing Threats Delivered to Inboxes
Newest addition to Cofense phishing defense solution suite reduces the risk of phishing attacks, enables security teams to quarantine unreported threats
LEESBURG, VA. – Feb. 26, 2019 – Today Cofense™, the leading provider of intelligent phishing defense solutions world-wide, announced the general availability of Cofense Vision™, the company’s newest solution for protecting organizational assets from phishing attacks. Effective defenses against phishing must include visibility into the threats that bypass technical controls and are delivered to a user’s mailbox. Users of Cofense Triage™ can already prioritize and understand these threats, and now with the addition of Vision, security operations center (SOC) and incident response (IR) teams are able to identify and quarantine all messages that made it into a mailbox and pose a threat with more speed and efficiency.
Every day, phishing emails bypass perimeter defenses to become ticking bombs in employee mailboxes. In fact, the Cofense Phishing Defense Center determined that as many as one in seven suspicious emails reported by end-users are malicious, based on analysis of more than 2 million emails in 2018. During that time, Cofense found over 55,000 credential harvesting attacks designed to exploit SSO architecture and 25,000 campaigns hiding malicious files inside cloud services to avoid gateway detection. Left undiscovered, these attacks can cause serious damage to an organization. Integrated with the latest release of Triage, Vision identifies all messages that are part of a campaign across an organization and enables security teams to quickly find emails that were not reported by users and quarantine them directly from within Triage, ultimately mitigating their potential risk to the business.
“It’s not just one mail gateway technology that is chronically failing, our customers have multiple technologies in their filtering stack, yet phishing emails still make it in. The email search and quarantine tools on the market today are not fast enough, and don’t have the oversight in place needed to operationalize an auditable workflow inside of SOCs. Vision quickly identifies all recipients of complex phishing attacks and, with a single click, quarantines to remove the threat from all mailboxes,” said Aaron Higbee, Chief Technology Officer, Cofense. “You shouldn’t have to pay extra to your email vendor to remove the phishing email they failed to detect. Vision, either in combination with Triage or connected with existing SOC tooling, will deliver immense productivity gains for SOC and IR teams, so they can execute their jobs efficiently and better protect the company.”
Cofense uses technology for automation where it makes sense, with an emphasis on increasing human and organizational capabilities to reduce risks and quickly mitigate negative consequences when phishing attacks succeed. Triage improves automation by driving non-essential tasks out of the workstream to the point where the keen eye of an operator can make a good decision. Vision extends the capabilities of Triage, allowing SOC and IR teams to proactively hunt for unreported threats and create transparent audit and governance of mitigation actions.
Organizations that have taken a more proactive approach with threat hunting teams will find the Vision platform extremely beneficial, giving them the capability to search for indicators of compromise (IOCs) and tactics, techniques and procedures (TTP’s) of cyber threats in their mail environment even if a user didn’t report the message. Users are able to quickly find the other mailboxes where a suspicious email may reside (Vision Discover) and when that email is detected, quickly quarantine it to remove the threat (Vision Quarantine).
Cofense Vision is now generally available for Cofense Triage customers. For more information, please visit the website.
Cofense™, formerly PhishMe®, is the leading provider of intelligent phishing defense solutions world-wide. Cofense delivers a collaborative approach to cybersecurity by enabling organization-wide engagement to active email threats. Our collective defense suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organizations in defense, energy, financial services, healthcare and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise.