BEC amounts to $500 billion-plus annually in losses. Ensure your business is protected.
Protect your user’s credentials and avoid a widespread, malicious attack.
With malware attacks on the rise, protect your business from all angles.
This latest tactic is only just beginning. Here’s how to get ahead of this threat.
Phishing is the #1 attack vector for ransomware attacks. Stop phishing attacks in their tracks.
Smishing is just all around us. Make sure your employees know how to stay safe.
Voice-phishing is on currently on the rise. See how Cofense stops vishing attacks with our SAT solution.
Phishing Security Awareness Training
Train your employees to defend against advanced email threats.
Email Threat Detection & Response
Automatically stop attacks that bypass your secure email gateway.
Phishing Intelligence Trends Review
Businesses from all industries rely on Cofense to safeguard their teams.
Global organizations trust Cofense to protect their most critical assets.
Check out our resource library of solution content, whitepapers, videos and more.
Come see us at a local event or join us at an upcoming webinar.
Contact us to get the most out of your Cofense solutions.
See why the Cofense Intelligent Email Security suite stands out against the competition
Stay current on cybersecurity trends, market insights and Cofense news.
See the real threats that are currently evading your Secure Email Gateway (SEG).
Protect your organization with our deep analysis into the current threat landscape and emerging trends.
Trusted partner to some of the best technology brands in the world.
Cofense sees & stops email threats missed by standard security measures.
See the latest articles, press releases and more in our news center.
It’s an honor to be recognized in the cybersecurity market. Check out our recent awards.
Grow your business, drive new revenue streams, and improve your competitive posture through our Partner Program.
We’re looking for passionate people to join us in our mission to stop all email security threats for organizations around the globe.
Get to know our management team.
Cofense provides the capabilities necessary to make more effective decisions on phishing threats facing your company. Our Technology Alliance Program (TAP) provides a strong and mutually beneficial ecosystem with our partners to provide a comprehensive anti-phishing solution. Cofense solutions seamlessly integrate to simplify deployment, improve efficiency, reduce costs, and optimize security investments.
We provide an unmatched phishing detection and response portfolio that empowers resellers in every sector to offer customers a comprehensive level of security.
Built from the ground up for MSPs, Cofense Protect provides quick deployment of advanced email security & awareness training from a single multi-tenanted UI.
Cofense Managed Security Service Providers can equip your business with the defenses, processes, and resources necessary to stop inevitable threats.
© 2024 Cofense Inc.
Cofense Intelligence and Triage integrate with Anomali ThreatStream to help organizations operationalize workflows with Cofense’s human-verified intelligence that identify indicators by severity and correlate with active phishing campaigns, automate the ingestion for action and eliminate the manual processes and potential for human error while updating other security solutions.
Cofense Intelligence human-verified phishing intelligence ingested into Centripetal CleanINTERNET to filter networks from accessing phishing infrastructure. Protect against access to phishing URLs, domains, IPs, and command and control sites.
Cofense Triage submits suspected phishing domains to Cisco Umbrella Investigate to determine risk. Domain indicator results populate Cofense Triage to prioritize phishing investigation and response workflow.
Cyware CTIX can ingest Cofense Intelligence phishing indicators in JSON format. Each indicator ingested can be used in playbooks and threat lookups from CTIX to use the threat impact rating of each Cofense Intelligence indicator.
Cofense Triage can bidirectionally exchange phishing indicators including domains, URLs, hash values, and more with Cyware CSOL. Cyware can ingest malicious or suspicious emails from Cofense Triage to use in playbooks.
Cofense Intelligence and EclecticIQ Platform deliver the ability to acquire, aggregate and act from phishing- specific indicators. EclecticIQ Platform ingests phishing IOCs and contextual reports via Cofense’s API. Security teams can act based on Cofense Intelligence indicators through their existing infrastructure to alert or block ingress or egress traffic.
Cofense Triage automatically submits email attachments to Hatching Triage at ingestion. Cofense Triage admins can also resubmit supported attachment types from Triage to Hatching using the API. Analysis results of the submitted attachments are available for review in Hatching’s platform.
IBM QRadar ingests Cofense Intelligence by using Cofense’s app within IBM App Exchange. The intelligence ingested is used in a SOC to monitor and alert on activity matching indicators.
Cofense Intelligence is ingested into LogRhythm’s platform using Cofense’s API. The ingestion of intelligence is used in a SOC to monitor and alert on activity when a domain, URL, or IP address matches Cofense provided intelligence.
LogRhythm receives CEF-based syslog events from Cofense Triage. Triage will output events based on rules, recipes, and categorizations. Triage admins configure based recipe or report categorization as well as when a YARA rule is matched.
Cofense Intelligence and Cofense Triage both support McAfee event data fields, allowing analysts to recognize, report, and respond to phishing events based on customizable criteria. Cofense Intelligence data in McAfee Enterprise Security Manager has one-click access to humanreadable reports providing detailed insight into the attacker tactics, techniques, and procedures (TTPs); email message content; malware artifacts with full threat detail; and executive summaries.
Cofense Intelligence ingested via API with CEF support into ArcSight. Operationalize from Cofense Intelligence phishing URLs, domains, hashes, IPs, malware families, contextual reports, and more.
Cofense Triage operators send their syslog events in CEF to their ArcSight instance. ArcSight will receive events based on rules, recipes, and categorizations. This is done matching recipes, report categorization, or when a YARA rule is matched by an analyst.
The Cofense Intelligence and MISP integration helps organizations to operationalize phishing intelligence for faster threat defense & response. The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators. The Cofense Intelligence MISP feed provides a way to ingest file and network phishing indicators. Analysts are then able to correlate Cofense Intelligence with other intelligence feeds as well as understand the malware tactics from the indicators received.
Cofense Intelligence ingests into Palo Alto Networks MineMeld application. Create an open source MineMeld server which formats Cofense Intelligence and ingest indicators into Palo Alto Networks next-generation firewalls. The firewalls using external dynamic lists consume the indictors and are applied to firewall security policies.
Cofense Triage automatically submits hashes of attachments or full files to Palo Alto Networks WildFire at ingestion. Cofense Triage admins manually submit any hash or supported attachment type from Triage to WildFire using the API. WildFire will return the results to Cofense Triage with a full malware contextual report. Additionally, Cofense Triage integrates with MineMeld to obtain threat indicators.
Cofense Intelligence and Paterva’s Maltego application integrate, and analysts can gather, interrogate, and visualize data to find threat relationships. Cofense developed transforms for Maltego to visualize relationships between observables within a specific attack and explicitly pinpoint how attackers are delivering their malicious payloads.
Recorded Future has an extension available within the platform to leverage Cofense Intelligence API for human-verified phishing intelligence. Analysts in Recorded Future seamlessly pivot to Cofense Intelligence and obtain indicator validation on IPs, domains, and files.
Cofense Triage operators can query file hash values in the Recorded Future platform. Analysts can view information on the Recorded Future website to validate a file disposition. There is no account required to get “basic” information. The Triage analyst views information from Recorded Future with the option to create an account for more in-depth review.
Cofense Triage can bidirectionally communicate with Siemplify to ingest phishing indicators for Siemplify to process as part of a playbook. Cofense Triage sends reports, threat indicators, reporter information, and phishing incident observables for Siemplify to receive and orchestate. Categorized reports along with indicator analysis tags are capable of ingestion into Siemplify to use in playbooks.
Cofense Intelligence, Triage and Vision integrate with Splunk SOAR to streamline multiple sources of threat intelligence, suspicious emails for analysis and remediation, and to search and quarantine for suspicious emails.
ServiceNow Security Operations polls the Cofense Intelligence API in a search-based integration to validate incidents that may be related to phishing. Security Operations makes use of Cofense Intelligence indicator IPs, domains, URLs, and files. Analysts use the results and context for additional actions and orchestration.
Cofense Triage and ServiceNow Security Incident Response leverage Cofense Triage’s bidirectional API to ingest phishing events and create security incidents in ServiceNow SIR. ServiceNow analysts can update reported phishing data in Cofense Triage as well as enrich their threat indicator and observables table received from Cofense.
Cofense Intelligence is a value-added data source integrated with Swimlane’s orchestration platform. Swimlane correlates Cofense Intelligence’s IPs, hashes, domains, and URLs to prioritize and remediate events.
Cofense Triage is a supported application in Swimlane to ingest phishing indicators and employee-reported phishing attributes. Cofense Triage sends IPs, domains, URLs and hashes, for Swimlane to receive and act on. Categorized reports along with indicator analysis tags are capable of ingestion to use in playbooks.
Cofense Intelligence integrates with ThreatConnect to ingest phishing intelligence into the platform. Cofense’s API is leveraged to pull in actionable phishing indicators for analysts to create process around indicator impact ratings.
Cofense Intelligence can be ingested into the ThreatQuotient Threat Intelligence Platform (TIP) using Cofense’s API. Enable Cofense Intelligence from within ThreatQ platform and ingest threat IDs, malware families, URLs, IP addresses, and more.
The joint solution integration of ThreatQ™ and Cofense Triage enables security teams to receive, analyze and respond to phishing threats that have evaded technical systems.
Trellix, FireEye’s Helix Cloud Connect solution, can ingest Cofense Triage reports and threat indicators using Cofense Triage’s API. Helix makes calls to Triage’s API and ingests reported email attributes that can then be used in hunting and incident response initiatives.
Cofense Intelligence is ingested into ESM using Cofense’s API via a standalone Python script. This CEF ingestion is then used in a SOC to monitor/alert on activity when a domain or IP address matches Cofense Intelligence.
Cofense Intelligence and FireEye Helix Security Orchestrator deliver the ability to investigate, validate, and orchestrate based on indicator impact ratings from phishing-specific intelligence. Ingestion of phishing indicators allow analysts to investigate, search, and respond to phishing events.