The Phishing epidemic problem.
We have a multi-layer approach. We provide our users with the ability to report something suspicious in their mailboxes. Then, we take the report and we send it to Sandbox, Virus Total, Check Point and others so they can verify if it’s malicious and already known. If it’s unknown, we would like the IT team to report it and then it will be automatically deleted and remediated from all mailboxes. But that’s not enough. Now we have a decision-making tool that we developed called Iron Sights. It’s a mailbox protector. Based on the user’s meta data that he has in his mailbox, we learn his outlook, behavior, who he’s exchanged emails with, their domains and all the other meta data. Now, we can give the user “abnormal behavior” alerts. After that, we can share the knowledge anonymously and securely with other companies around the globe.
The competition we have is only on the awareness level. Nothing like the automatic incident response that we provide.
We are involved from the moment a user receives a suspicious email until the moment that all emails with similar malicious traits and meta data from all mailboxes are remediated. There’s no manual process. There’s no classification that you need to build every attack. It’s all automatic. We do the integration for you and we will tell you if the email is true phishing or not.
Awareness (or lack thereof!)