Share:

The APIs have it – Emphasis on ‘I’– Individuals, Integrate, Investigate, and Incident Response

Everyday, PhishMe is helping enterprise employees change their behavior against the top threat leading to many of today’s high profile breaches – phishing. Our customers empower their employees to report suspicious email thereby creating a rich source of actionable intelligence for incident responders. Triage provides security operations center (SOC) analysts and incident responders a way to automate the identification, prioritization, and remediation of these phishing threats. This threat intelligence can then be shared with other teams to better protect your enterprise.

Maximizing Return on Security Investments

PhishMe also strives to maximize our customer’s security investments by integrating Triage with threat intelligence platforms, web security solutions, endpoint detection and response, and SIEMs to name a few. This is exactly why we integrated PhishMe with OpenDNS Investigate API.

Our mutual customers now have the ability to leverage the power of human intelligence with the global network intelligence of OpenDNS. Here’s how this combination works:

OpenDNS Integration Blog Post_Reporter_2016

  • PhishMe Triage automatically analyzes and prioritizes email threats at ingestion to reduce the burden of alert fatigue placed on analysts.

OpenDNS Integration Blog Post_Triage_2016

  • OpenDNS Investigate API integration allows analysts to research suspicious content in email such as links – both in the message body and embedded into Office attachments.

OpenDNS Integration Blog Post_Integration1_2016

  • Analysts can quickly view which domains are malicious as well as those that are currently unknown indicating caution and the ability to resubmit for further analysis.

OpenDNS Integration Blog Post_Integration2_2016

Integration Goodness!     

The end result is that an analyst can now make an intelligent, actionable decision; all because employees were empowered to report suspicious email to help reduce the likelihood of a breach due to host or credential compromise. Integrating technology solutions allows security leaders to maximize their investments and not just have a point solution, but rather a security infrastructure that involves harnessing the power of people.