PhishAlarm Analyzer Prioritizes Reported Emails for Faster Remediation

PhishAlarm Analyzer Prioritizes Reported Emails for Faster Remediation

February 17, 2016
Gretel Egan

We are excited to announce the launch of PhishAlarm® Analyzer, a software-based companion to our PhishAlarm email reporting button that prioritizes reported messages and allows for more efficient use of remediation resources.

PhishAlarm Analyzer applies machine learning techniques to identify potential threats and prioritize reported messages accordingly. Its rapid identification and categorization of suspicious messages allows infosec officers and security response teams to isolate and address phishing emails that have slipped past email filters, including zero-hour attacks.

Wombat_PhishAlarmAnalyzer2016.jpg 

Analyze Messages, Not Users

Phishing emails remain one of the largest threats to organizations today and are often at the root of data breaches. Though spam filters have continued to evolve, they don’t catch 100% of malicious messages — and that’s why PhishAlarm and PhishAlarm Analyzer are such important tools. PhishAlarm Analyzer scans each reported email and establishes risk levels based on data gathered from real-world phishing and spear phishing attacks. In contrast, competing solutions of this type only consider an end user’s ‘trustworthiness’ and ‘accuracy’ in identifying threats, an approach that negatively impact the reliability of results given that it can take months or even years to precisely judge users’ reporting abilities. 

“Phishing campaigns are becoming more complex and targeted, so rating users on ‘accuracy’ or ‘trustworthiness’ can be an ineffective approach,” said Al Himler, Senior Director of Product Management at Wombat Security. “Instead of discounting users for falsely identifying a phishing email, PhishAlarm Analyzer pools information about blacklists, known attacks, dangerous IP addresses, and other markers from a multitude of reliable resources. The end result is a faster path to remediation and a more effective use of information security assets.”

The Technology Behind the Tool

PhishAlarm Analyzer classifies reported emails based on standard security indicators of compromise (IOCs) that are known and trusted throughout the industry. And the tool only becomes more effective over time. By using various email threat feeds coupled with machine learning, PhishAlarm Analyzer constantly improves as it quickly learns to identify new patterns of attack.

PhishAlarm Analyzer is built to scan emails quickly and prioritize threats in real time. But this tool does more than just rank emails and alert response teams. It also provides an HTML research report with each categorized message, alerting designated staff to the sources of the IOCs that are present in the email. This saves considerable time and effort, and allows security teams to more effectively manage their resources and target the most credible and imminent threats within their email systems.

PhishAlarm Analyzer is currently in Beta trials and will be generally available during the second quarter of 2016. We will be demonstrating the software at RSA Conference 2016, so stop by the Wombat booths (#4333 and #4235) to see this new tool in action and learn more about our suite of security awareness training products. Those not attending the conference can receive additional information about PhishAlarm Analyzer by contacting us at sales@wombatsecurity.com.

 

The PhishAlarm email reporting button is a component of our ThreatSim® simulated phishing product and our Anti-Phishing Training Suite. PhishAlarm reinforces email best practices by keeping phishing threats top-of-mind for employees and allowing them to apply the knowledge they gain during training to reduce risk.