Leading Anti-Phishing Provider Launches New Product for Security Analysts and Incident Response Teams to Operationalize Internal Human Intelligence
LEESBURG, Va., April 15, 2015 – PhishMe® Inc., the leading provider of phishing threat management solutions that empower employees to be a layer of human security sensors against phishing, malware, and drive-by attacks, today introduces PhishMe Triage, a new product offering that gives incident responders the analytics and visibility into email-based attacks occurring against their organizations in near real-time. The patent-pending technology, Triage, provides security operations center (SOC) analysts and incident responders insight into ongoing spear phishing attacks by automating the analysis and orchestrating the workflow associated with employee reported suspicious emails to reduce the detection deficit facing their enterprises. Triage is currently the only offering that leverages human intelligence inside the organization and turns conditioned employees, traditionally considered the weakest link, into the strongest detection asset for security operators.
“Detectives have long known the value of a reliable informant, so why not groom similar relationships between users and incident responders in the enterprise? PhishMe has essentially built a product set to do this”, says Adrian Sanabria, senior security analyst at 451 Research. “Simulator tells you how good users are at spotting threats and grooms them to be better. Reporter allows them to exercise these skills every day with live email, and Triage adds a platform for incident handlers to act on Reporter’s data in an automated manner that can also integrate with other security product investments within the enterprise.”
Targeted phishing remains one of the top threats to organizations as demonstrated by data breaches over the last 12 months. According to Verizon’s 2015 DBIR report, “In the 2013 DBIR, phishing was associated with over 95% of incidents attributed to state-sponsored actors, and for two years running, more than two-thirds of incidents that comprise the Cyber-Espionage pattern have featured phishing.” Establishing a network of human sensors through focused conditioning on the relevant threats to the organization operationalizes their knowledge by motivating employees to be trusted informants of suspicious artifacts in their email inboxes and thus transforms them into a critical part of the security posture – the first line of defense.
This natural extension of the PhishMe portfolio delivers on its mission to provide innovative approaches that address the human element of cyber security. PhishMe Triage will be showcased during the 2015 RSA Conference in San Francisco, CA in the South Hall at booth #1663.
“We are excited to debut a first of its kind solution that allows organizations to tap into their own enterprise-sourced phishing intelligence,” said Aaron Higbee, CTO of PhishMe. “Suspicious email reports from skilled informants – your employees – can now be prioritized and processed by incident responders based on the volume and reputation of the reporting employees, PhishMe intelligence, and indicators of attack that go beyond malware signatures.”
For more information about PhishMe Triage and PhishMe’s unified phishing threat management solution, please visit phishme.com. PhishMe Triage is generally available as a virtual or hardware appliance via a perpetual or subscription license fee in North America and will be released in EMEA later in the second quarter of 2015.
PhishMe® is the leading provider of threat management for organizations concerned about human susceptibility to advanced targeted attacks. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.