Cofense Vision UI: Quarantine Phish Faster, Without Disrupting the Mail Team
By Karen Kokiko
The holy grail of phishing defense is now within your grasp. Cofense VisionTM now comes with a user interface that lets you quarantine phishing emails with a single click—without disrupting the mail team and slowing down your response.
Let’s stop and let that sink in. You can quarantine phish right from your desktop, without asking the busy mail team to stop and perform a search. There’s no more waiting while an active phish does the backstroke in your inboxes. Faster, more precise phishing response is here.
Fast and Flexible Searching
Traditional email search and quarantine tools are slow and inflexible, offering limited search scope like ‘Sender’ and ‘Subject.’ It’s difficult to find the entire attack fast enough and account for the way tactics, techniques, and procedures morph.
The Cofense Vision user interface allows SOC analysts to search by combinations of fields, grouping emails together by selected criteria. You can search for recipients, senders, MIME type, attachments, a specific time, and more, essentially creating your own cluster. Then quarantine one or hundreds of malicious emails with a simple click. If you later determine that emails are harmless, you can “un-quarantine” them just as easily.
Built for Companies of All Sizes
The new Cofense Vision UI supports smaller customers who don’t have engineering teams or power users to write scripts and code. You can simply search natively and quarantine quickly. An hour after installation, analysts are ready to defend.
For example, an end-user at a small business sends a suspicious email to IT for investigation. IT determines it is malicious and wants to find out if anyone else received it. With the new Cofense Vision UI, they can search on key criteria found in the malicious email to determine if more than one instance of the message is in their environment, then quarantine the email in seconds.
If your company is larger, the interface improves the experience of power users and operators who are writing scripts or otherwise programmatically interacting with Cofense Vision. Proactive analysts, those with some information about where and how the bad guys are likely to attack, can use the UI to identify and quarantine malicious actors before any damage is done. SOC analysts can write rules to look for signs of malicious activity, searching criteria such as To, From, Subject, Attachment Hash, and the content of the message.
All of this shortens “dwell time” and the amount of damage an attacker can cause in your email environment. According to a SANS Institute survey, 75 percent of respondents say they reduced their attack surface by through more threat hunting. Fifty-nine percent believed that threat-hunting enhanced the speed and accuracy of their company’s incident response.1
The new Cofense Vision UI makes threat-hunting faster, easier, and more effective. Learn more or sign up for a demo now!
More Ways Cofense Can Help
90% of phishing threats observed by the Cofense Phishing Defense Center bypassed secure email gateways. Condition users to be resilient to evolving phishing attacks with Cofense PhishMeTM and remove the blind spot with Cofense ReporterTM.
Be proactive against evolving phishing threats. Easily consume high-fidelity phishing-specific threat intelligence to defend your organisation with Cofense IntelligenceTM.
Thanks to our unique perspective, no one knows more about REAL phishing threat than Cofense. Understand the current phishing threat – read the 2019 Phishing Threat & Malware Review.
1SANS Institute, “2018 Threat Hunting Survey”: https://www.sans.org/media/analyst-program/Multi-Sponsor-Survey-2018-Threat-Hunting-Survey.pdf
All third-party trademarks referenced by Cofense whether in logo form, name form or product form, or otherwise, remain the property of their respective holders, and use of these trademarks in no way indicates any relationship between Cofense and the holders of the trademarks.