Endpoint
2/17/2016
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Wombat Security Launches PhishAlarm Analyzer

New solution uses machine learning to recognize phishing attacks allowing security response teams to remediate reported attacks efficiently.

Pittsburgh, PA – February 16, 2016 Wombat Security Technologies (Wombat) today announced the launch of PhishAlarm Analyzer, a software-based e-mail phishing triage solution that uses machine learning to check emails against multiple security sources to identify and prioritize reported phishing emails for incident response teams. Quick identification and categorization allows infosecurity officers and security response teams to isolate and remediate suspected phishing messages, including zero-hour attacks.

Phishing emails remain one of the largest threats to organizations today and is the initiation point for most data breaches. Wombat’s PhishAlarm® product, introduced just a few months ago, enables end users to recognize and report suspected phishing emails by pressing a button in their email client (Microsoft Outlook, 365, or Gmail). A companion to PhishAlarm, PhishAlarm Analyzer reviews the reported phishing emails against various threat vectors via machine learning and ranks the riskiness of the email. Competing triage solutions of this type only consider an end user’s ‘trustworthiness’ and ‘accuracy’ in identifying threats which can provide less reliable results and take months or years to accurately rank users. 

“Phishing campaigns are becoming more complex and targeted, so rating users on ‘accuracy’ or ‘trustworthiness’ can be an ineffective approach,” said Al Himler, Senior Director of Product Management at Wombat. “Instead of discounting users for falsely identifying a phishing email, PhishAlarm Analyzer pools information about blacklists, known attacks, dangerous IP addresses, and other markers from a multitude of reliable resources. The end result is a faster path to remediation and a more effective use of information security assets.”

PhishAlarm Analyzer scans reported emails and examines them based on standard security indicators of compromise. The emails are then prioritized, and an HTML research report on the reported email is delivered to the incident response teams.  The research report saves time for the incident response team by performing much of the research in advance so that they respond more quickly to the reported threats.

By using various email threat feeds coupled with machine learning, PhishAlarm Analyzer constantly improves as it learns new patterns of email threats. PhishAlarm Analyzer is built to scan emails quickly, prioritize the threat, including identifying zero-hour phishing attacks in real time. By quickly detecting and ranking the most dangerous threats, PhishAlarm Analyzer allows incident response teams to prioritize remediation.

The PhishAlarm Analyzer product is being trialed by customers now and will be generally available during the second quarter of 2016. Anyone interested in learning more about the product can receive a demonstration in Wombat Security booths 4333 and 4235 during the RSA Conference February 29-March 3 2016 at the Moscone Convention Center in San Francisco, or they can contact Wombat at: [email protected] wombatsecurity.com.

About Wombat Security Technologies

Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS-based cyber security education solution includes a platform of integrated broad assessments, as well as a library of simulated attacks and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90%. Wombat, recognized by Gartner as a leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors, is helping Fortune 1000 and Global 2000 customer in industry segments such as finance and banking, energy, technology, higher education, retail and consumer packaged goods to strengthen their cyber security defenses.

###

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
BlueBorne Attack Highlights Flaws in Linux, IoT Security
Kelly Sheridan, Associate Editor, Dark Reading,  12/14/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.