PhishMe Honored on the Inc. 5000 List for the Second Year in a Row

After Posting 3-year Cumulative Growth of More than 560 Percent, PhishMe Recognized as One of America’s Fastest-Growing Private Companies

LEESBURG, VA – August 17, 2016 – PhishMe, Inc., the leading provider of human-phishing defense solutions, announced today that Inc. magazine has ranked PhishMe No. 700 on its 35th annual Inc. 5000, the most prestigious ranking of the nation’s fastest-growing private companies. The list represents a unique look at the most successful companies within the American economy’s most dynamic segment— its independent small businesses. Companies such as Microsoft, Dell, Domino’s Pizza, Pandora, Timberland, LinkedIn, Yelp, Zillow, and many other well-known names gained their first national exposure as honorees of the Inc. 5000.

“Making the Inc. 5000 list two-years in a row is a tremendous honor and a testament to all the hard work our team has been doing,” said Rohyt Belani, CEO and Co-Founder of PhishMe. “PhishMe has maintained our focus and executed cleanly over the past several years. Our strong business fundamentals have afforded us the platform for expansive growth while cybersecurity continues to be at the forefront of businesses in this digital age.”

PhishMe has recently achieved record cumulative growth of more than 560 percent over the last three years. In addition, the company has helped more than half of the Fortune 100 organizations to defend themselves against thousands of phishing attacks perpetrated by cybercriminals across the globe, helping PhishMe attain a 93 percent gross retention and negative net churn.

The 2016 Inc. 5000 is the most competitive crop in the list’s history. The average company on the list achieved a mind-boggling three-year growth of 433%. The Inc. 5000’s aggregate revenue is $200 billion, and the companies on the list collectively generated 640,000 jobs over the past three years, or about 8% of all jobs created in the entire economy during that period. Complete results of the Inc. 5000 can be found at www.inc.com/inc5000.

Connect with PhishMe Online:

Follow PhishMe on Twitter: https://twitter.com/phishme

Follow PhishMe’s Blog: http://phishme.com/blog/

Follow PhishMe on LinkedIn: https://www.linkedin.com/company/phishme-inc-

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

More about the Inc. 5000
The 2016 Inc. 5000 is ranked according to percentage revenue growth when comparing 2012 to 2015. To qualify, companies must have been founded and generating revenue by March 31, 2012. They had to be U.S.-based, privately held, for profit, and independent—not subsidiaries or divisions of other companies—as of December 31, 2015. (Since then, a number of companies on the list have gone public or been acquired.) The minimum revenue required for 2012 is $100,000; the minimum for 2015 is $2 million.

 

Lastline, Mimecast, McAfee and More Join Rapidly Expanding PhishMe Technology Alliance Program

Join PhishMe at Black Hat 2016 to Learn How Joint Customers Maximize Investments in Lastline, Mimecast, IBM, McAfee and Recorded Future

LEESBURG, VA – 2 August, 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, today announced the addition of further technology partners to its Technology Alliance Program (TAP), an ecosystem of the world’s leading security providers. TAP has continued to deliver exceptional value to mutual customers since its formation in March 2016, and with the likes of Lastline and Mimecast joining existing members including FireEye and Cisco, the alliance has further strengthened its ability to protect organizations from today’s advanced threats.

TAP launched in early 2016 to provide organizations with simple integrations that bolster security, improve operational workflow and manageability, maximize security investments, and reduce the risk of falling victim to phishing-driven cyberattacks. After considerable success, the program is pleased to welcome more of the industry’s leading solutions and services providers:

  • Lastline: PhishMe Triage and Lastline Analyst have partnered to provide security teams with an integrated phishing incident response malware analysis solution. The integration has made it efficient for mutual customers to automatically and accurately identify malware much faster, and increase the value from existing security investments
  • Mimecast: PhishMe has entered into an alliance with Mimecast as a go-to-market partner. PhishMe has also joined forces with Mimecast as a founding member within their recently announced Cybersecurity Resiliency Alliance Network.
  • Bay Dynamics: User Behavior Analytics (UBA) leader, Bay Dynamics, and PhishMe partner to empower security teams to conduct phishing simulation campaigns against employees based on their risk profile.
  • McAfee: PhishMe Triage and PhishMe Intelligence can send to or ingest into McAfee’s ESM.
  • ThreatQuotient and Anomali: PhishMe Intelligence can be consumed into leading threat intelligence platforms (TIPs) and cross-correlated across other sources of threat intelligence.

PhishMe is also pleased to have expanded integrations with initial TAP partners:

  • Recorded Future: PhishMe and Recorded Future added to their integration for customers to continually pivot between human-verified phishing intelligence and real-time threat intelligence through the OMNI Intelligence Integration.
  • LogRhythm: PhishMe and LogRhythm completed the integration with PhishMe Triage and LogRhythm’s Security Intelligence Platform.
  • IBM: PhishMe Intelligence and PhishMe Triage support IBM QRadar.
  • HPE: PhishMe has achieved ArcSight certification for PhishMe Intelligence and PhishMe Triage.
  • Splunk: PhishMe Intelligence apps are available at Splunk

“We’re excited to be partnering with PhishMe! By combining PhishMe Triage and Lastline Analyst, we’ve made it efficient for our mutual customers to automatically and accurately identify malware much faster. An added benefit is that our customers increase the value from existing security investments,” said Brian Laing, Vice President of Business Development and Product, at Lastline.

“The PhishMe Technology Alliance Program was created to deliver security benefits that can only be achieved through close cooperation and shared intelligence,” explained Allan Carey, Vice President of Business Development at PhishMe. “By collaborating with industry leading security providers such as Lastline, Mimecast, and our existing TAP members, the alliance is actively showing what can be achieved through a shared commitment to increase security operations efficiency and maximize customer value. Together, we are giving organizations the security solutions and intelligence they need to proactively detect and quickly respond to cyber attacks.”

To learn more about the PhishMe Technology Alliance Program, visit booth 1315 at Black Hat 2016 in Las Vegas.

Connect with PhishMe Online:

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

Q2 2016 Firmly Establishes Ransomware as a Mature Business Model for Malicious Actors

PhishMe Q2 Malware Review identifies key security trends including the rise of encryption ransomware and remote malware deployments

LEESBURG, VA – 2 August, 2016 – PhishMe Inc., a leading provider of human phishing defense solutions, has revealed that the second quarter of 2016 saw ransomware firmly establish itself as a mature business model, with the threat showing no outward signs of diminishing. Encryption ransomware now accounts for 50% of all malware configurations, meaning that it is no longer considered simply a means for making a quick profit, but a permanent fixture on the threat landscape.

Published today, PhishMe’s Q2 2016 Malware Review identified three key trends previously recorded earlier in the year, but now firmly established:

  • Encryption ransomware: Given the tenacity and frequency of ransomware phishing attacks, it appears cybercriminals now consider this a tried and trusted business model
  • Rise in evasion techniques: PhishMe encountered an increase in the number and volume of malware deployments incorporating simple evasion techniques to circumvent protection by security solutions
  • Simple attacks still pack a punch: Numerous deployments of malware were recorded with less sophisticated actors who still wield robust feature sets

In March of 2016, PhishMe malware analysis noted a strong diversification of ransomware strains and were responsible for 93% of all malware payloads delivered that month. The Q2 malware research shows that ransomware has begun consolidation in May and June as Cerber encryption ransomware and Locky strongly dominated in the ransomware scene. The research behind this ransomware evolution strongly supports the notion that ransomware has effectively become a major business model for threat actors, seeking the most advantageous and cost-effective means for generating sustainable profits.

“Barely a year ago, ransomware was a concerning trend on the rise. Now, ransomware is a fully established business model and a reliable profit engine for cybercriminals, as threat actors involved treat it as a legitimate industry by selling information, tools and resources to peers based all around the world,” explained Rohyt Belani, CEO & Co-Founder, PhishMe. “Empowering the human element to detect and report these campaigns needs to be a top priority for organizations if they are to protect themselves from a threat that is here for the long term.”
The report also unveils findings on the usage of stenography and ciphers in malware delivery, both increasingly popular anti-analysis techniques designed to bypass security solutions and the efforts of security researchers. Using a common stenographic technique, threat actors are able to hide the Cerber executable of a Cerber malware payload within a seemingly harmless image file – sneaking past layers of security technologies to make its way into the target victim’s inbox. The report provides further examples on how the executables are embedded and what to look for when conducting a deep ransomware analysis.

Additionally, the Q2 2016 Malware Review also sheds light on remote access Trojan utilities which have garnered significant attention recently due to their purported use in the high profile intrusion and apparent theft of data from the Democratic National Committee. While details regarding the attack are still private, deployment of remote access Trojans via phishing email is a frequent occurrence. The risks associated with these less-sophisticated, yet feature-packed malware utilities have been underscored through frequent use by advanced actors.

To download a full copy of the Q2 2016 Malware Review, click here

Connect with PhishMe Online

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Expands Availability of Phishing Incident Response Solution with Cloud and Managed Deployments

PhishMe Triage is now more easily deployed to meet the needs of organizations of all sizes

LEESBURG, VA – London, UK – 2 August, 2016 – PhishMe, Inc., the leading provider of human-phishing defense solutions, announced today that it has added powerful new features and deployment options to its phishing threat management and incident response platform, PhishMe Triage. PhishMe Triage users can now choose between three deployment options to fit their organization’s needs. Still available in its original form as a virtual appliance, PhishMe Triage now offers a secure cloud and a fully managed option to customers.

PhishMe Triage Cloud delivers a faster time to deploy with a dedicated instance hosted in the PhishMe secure cloud infrastructure that allows customers to continue to manage the day-to-day operational and analysis tasks. With PhishMe Triage Cloud, new customers can be up and running in a matter of days. PhishMe Triage Managed gives customers the opportunity to completely outsource their phishing incident response programs, and includes customizable SLAs, reporting and analysis of reporting phishing incidents while freeing SOC and IR teams to concentrate on other critical tasks. The additional deployment options for PhishMe Triage makes phishing incident response more available to organizations of all sizes and needs.

PhishMe Triage Cloud and PhishMe Triage Managed are already in use by dozens of customers today.  John Helt, Cyber Security Analyst at Scripps Networks Interactive, a leading developer of lifestyle-content for television and the Internet, said: “PhishMe Triage allows us to encourage our users to report suspicious messages knowing that each will be carefully analyzed with prompt feedback returned to each individual. The solution provides our response teams the rapid, detailed information they need to address e-mail threats quickly and efficiently without wasting time chasing false positives.”

Further strengthening the Triage capabilities, PhishMe has added new significant features to the solution, these include:

Reputation Prioritization with VIP Reporter

PhishMe Triage now prioritizes suspicious activity reported by trusted “VIPs” within an organization. The ability to set reputation and trust levels for VIPs  helps operators quickly assess and respond to possible threats as reported by the most vigilant and astute reporters in the company.

Streamlined Management with Syslog Alerts

PhishMe Triage can now proactively provide timely threat information to SOC operators even if they are not actively monitoring the solution when a threat is reported. With Syslog Alerts, PhishMe Triage can drive a pre-configured alert into the customer’s SEIM to trigger workflows established to handle security alerts.

Lastline Analyst Integration

PhishMe Triage and Lastline Analyst have partnered to provide security teams with an integrated phishing incident response malware analysis solution. The integration has made it efficient for mutual customers to automatically and accurately identify malware much faster, and increase the value from existing security investments

“As malware attacks continue to grow exponentially, it is important for businesses to rely on a solution that is widely available and accessible. The expansion of PhishMe Triage deployment options enables businesses to scale up and scale down their security efforts for a leaner experience,” said Aaron Higbee, CTO at PhishMe. “Updates to our Triage offerings will also enable our customers to significantly reduce incident response times, whilst allowing them to obtain accurate threat information for timely security alerts.”

For more information on PhishMe’s enterprise phishing defense solution, please visit http://phishme.com/product-services/pm-solution/.

Connect with PhishMe Online:

Follow PhishMe on Twitter: https://twitter.com/phishme

Follow PhishMe’s Blog: http://phishme.com/blog/

Follow PhishMe on LinkedIn: https://www.linkedin.com/company/phishme-inc-

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Raises $42.5 Million In Series C Funding Led By Paladin Capital Group And Joined By New Investor Bessemer Venture Partners

Global leader in enterprise phishing defense and intelligence drives towards rapid development and expansion into Europe and Asia with significant VC investment

LEESBURG, VA – July 26th, 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, today announced it has raised $42.5 million in Series C funding led by existing investor Paladin Capital Group, an established, multi-stage private equity firm that initially invested in the business in 2012. The deal also saw the participation from new investor Bessemer Venture Partners, a $4 billion venture capital firm investing in startups at every stage, in every corner of the globe.

PhishMe Announces Inaugural Annual User Conference and Phishing Defense Summit

PhishMe Submerge features industry expert speakers, including keynote by FireEye CTO,
and sessions focused on latest threats and security trends

LEESBURG, (VA.) July 13, 2016 – PhishMe, a global provider of phishing defense solutions for the enterprise, has announced that registration is open for its inaugural phishing defense summit and user conference, called PhishMe Submerge. This first-of-its-kind event, which is taking place Sept. 28-29 in Orlando, FL, will bring together industry experts with practitioners who are on the front lines to discuss the security threat landscape and share phishing defense strategies. Featured speakers will include Grady Summers, CTO of FireEye as the opening keynote speaker, along with PhishMe’s Co-Founders, Rohyt Belani, CEO, and Aaron Higbee, CTO.

PhishMe Expands Senior Leadership Team

Global Leader in Phishing Defense Hires Experienced Engineering and Professional Services Leaders to Support Company’s Hyper-Growth

LEESBURG, VA, July 7, 2016 PhishMe, a global provider of phishing-defense and intelligence solutions for the enterprise, today announced it has made two senior hires in Wade Weeks and Joshua Nicholson to complement its management team. The addition of these gentlemen furthers PhishMe’s continued commitment to innovating to outpace the changing tactics of the adversaries, while supporting its customers with access to an industry-leading professional services team that complements its bleeding-edge technologies.

PhishMe Adds HIPAA, PCI-DSS and PII Training Modules to Complimentary CBFree Program

Global Leader in Human Phishing Defense Provides Free Regulatory Compliance Trainings in CBFree Offering

Leesburg, VA – June 30 2016 – PhishMe, a global provider of phishing defense and intelligence solutions for the enterprise, is excited to announce the immediate availability of three new, complimentary Computer-Based Trainings, accessible through the PhishMe CBFree program. These modules are specifically designed to address the stringent PHI/HIPAA, PCI and PII requirements and provide employees with a better understanding of the policies, procedures, and reporting when handling protected personal information.

PhishMe Launches New ‘Threat Alerts’ Service to Help Organizations Get Ahead of Phishing Dangers

Global leader in phishing defense and intelligence now provides users real-time warnings of phishing and malware trends

Leesburg, (Va. USA) June 29 2016:  PhishMe, a global provider of phishing-defense solutions for the enterprise, has today launched PhishMe Threat Alerts. The service has been introduced to provide subscribers with increased visibility of critical, and developing, phishing and malware threats and trends. Identifying potential compromise indicators allows organizations to take remedial action and prevent threats before they can gain a foothold in the network.

“Mandiant’s 2016 M-Trends report indicates the number of days to detect a breach has dropped from 204 in 2014 to 146 in 2015. This report also states that the percentage of breaches detected by internal teams has actually increased to 47% in 2015 (compared to just 31% in 2014) with the median number of days for an internal team to detect a breach now 56 days,” explains Aaron Higbee, CTO and Co-Founder of PhishMe. “While these statistics indicate there has been improvement in breach detection, it is still a long time to be left exposed. What we hope to do, by introducing PhishMe Threat Alerts, is to provide developing intelligence to organizations that can act as an early warning system. With over 91% of all network attacks traced back to a successful phishing attempts, identifying and illuminating developing threats has to be a priority.”

PhishMe Threat Alerts encapsulate indicators of phishing attacks that the PhishMe Research team has confirmed in the wild.

Aaron concludes, “We receive and analyze millions of messages daily, from a wide variety of sources, which are then dissected to determine relationships between them. Our unique clustering algorithms sort malicious emails based on a number of factors which allows us to watch for, and identify, new and emerging threats. By providing this actionable intelligence as real time threat alerts, we hope to help organizations prioritize, investigate, and respond to threats that may target their networks.”

Sign up to receive PhishMe Threat Alerts here.

About PhishMe

PhishMe is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.

PhishMe Enhances Phishing Incident Response Platform

PhishMe Triage TM improved with integrations, collaboration, ability to crowdsource threat rules and malicious attachment preview tool

Leesburg, Va, June 23, 2016 PhishMe, a global provider of phishing-defense and intelligence solutions for the enterprise, has today confirmed it has bolstered its phishing threat management and incident response platform – PhishMe Triage. Enhancements include further integrations with third parties including  PhishMe Intelligence and improved collaboration with a crowdsourced YARA Rule Exchange and PhishMe Community to help save analyst time and improve response efficiency.