Cybersecurity companies Cofense and Cyware will together help organizations respond to phishing threats in seconds. Hackers continue to indulge in large-scale phishing attacks on organizations to steal credentials and sensitive data.
Phishing attacks that target large organizations are common these days. But things turn ugly when phishing attacks targeting organizations result in a widespread data breach.
Cofense, Cyware to neutralize phishing threats in seconds
Security experts always recommend organizations to train their employees and raise awareness to prevent phishing attacks. But despite existing mechanisms, organizations often fell short at defense against phishing attacks due to a lack of faster response and solutions.
Automated incident analysis and response playbooks are required so that organizations can stay one step ahead of attackers and predict what’s coming.
Cybersecurity companies Cofense and Cyware promise to safeguard organizations against email-based phishing attacks. Plus, they have also promised to automate the analysis and determine the seriousness of threats in seconds for faster response.
“The security workflow is preceded by conditioning employees to recognize suspicious email and report to their security team. What happens next is a blend of technology and intelligent analysts who have the right information to make an informed decision without negatively impacting the business,” Cofense said.
The process starts with attackers evading secure email gateways (SEGs) to carry email-based phishing attacks. Once employees report the suspicious email, Cofense Triage will analyze clusters of similar emails.
Cyware’s security orchestration platform will collect data from Cofense Triage and run a complete response playbook. This is likely to result in blocking a URL at the network gateway to prevent employees from interacting with external phishing sites.
Here’s the entire process:
- The attacker attempts to direct the employee to a phishing site and infect the endpoint.
- An employee then reports the email that evaded the secure email gateway (SEG).
- Cofense Triage automates analysis to look for well-known phishing indicators and tactics.
- An analyst then designates the URL in question as malicious.
- Additional validation verifies the potential ties with any malware family.
- Cyware Security Orchestration Layer (CSOL) begins remediation.
- CSOL Playbook blocks the sender of the malicious email at the email gateway.
- It then performs a historical lookup.
- Finally, it automatically blocks the malicious URL at the firewall.
Interestingly, all of this happens in a matter of seconds. However, you must keep your eyes open when it comes to various types of phishing and ensure online safety.