Endpoint

2/17/2016
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Wombat Security Launches PhishAlarm Analyzer

New solution uses machine learning to recognize phishing attacks allowing security response teams to remediate reported attacks efficiently.

Pittsburgh, PA – February 16, 2016 Wombat Security Technologies (Wombat) today announced the launch of PhishAlarm Analyzer, a software-based e-mail phishing triage solution that uses machine learning to check emails against multiple security sources to identify and prioritize reported phishing emails for incident response teams. Quick identification and categorization allows infosecurity officers and security response teams to isolate and remediate suspected phishing messages, including zero-hour attacks.

Phishing emails remain one of the largest threats to organizations today and is the initiation point for most data breaches. Wombat’s PhishAlarm® product, introduced just a few months ago, enables end users to recognize and report suspected phishing emails by pressing a button in their email client (Microsoft Outlook, 365, or Gmail). A companion to PhishAlarm, PhishAlarm Analyzer reviews the reported phishing emails against various threat vectors via machine learning and ranks the riskiness of the email. Competing triage solutions of this type only consider an end user’s ‘trustworthiness’ and ‘accuracy’ in identifying threats which can provide less reliable results and take months or years to accurately rank users. 

“Phishing campaigns are becoming more complex and targeted, so rating users on ‘accuracy’ or ‘trustworthiness’ can be an ineffective approach,” said Al Himler, Senior Director of Product Management at Wombat. “Instead of discounting users for falsely identifying a phishing email, PhishAlarm Analyzer pools information about blacklists, known attacks, dangerous IP addresses, and other markers from a multitude of reliable resources. The end result is a faster path to remediation and a more effective use of information security assets.”

PhishAlarm Analyzer scans reported emails and examines them based on standard security indicators of compromise. The emails are then prioritized, and an HTML research report on the reported email is delivered to the incident response teams.  The research report saves time for the incident response team by performing much of the research in advance so that they respond more quickly to the reported threats.

By using various email threat feeds coupled with machine learning, PhishAlarm Analyzer constantly improves as it learns new patterns of email threats. PhishAlarm Analyzer is built to scan emails quickly, prioritize the threat, including identifying zero-hour phishing attacks in real time. By quickly detecting and ranking the most dangerous threats, PhishAlarm Analyzer allows incident response teams to prioritize remediation.

The PhishAlarm Analyzer product is being trialed by customers now and will be generally available during the second quarter of 2016. Anyone interested in learning more about the product can receive a demonstration in Wombat Security booths 4333 and 4235 during the RSA Conference February 29-March 3 2016 at the Moscone Convention Center in San Francisco, or they can contact Wombat at: [email protected] wombatsecurity.com.

About Wombat Security Technologies

Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS-based cyber security education solution includes a platform of integrated broad assessments, as well as a library of simulated attacks and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90%. Wombat, recognized by Gartner as a leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors, is helping Fortune 1000 and Global 2000 customer in industry segments such as finance and banking, energy, technology, higher education, retail and consumer packaged goods to strengthen their cyber security defenses.

###

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
The Case for a Human Security Officer
Ira Winkler, CISSP, President, Secure Mentem,  12/5/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8651
PUBLISHED: 2018-12-12
A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV.
CVE-2018-8652
PUBLISHED: 2018-12-12
A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1.
CVE-2018-8617
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8...
CVE-2018-8618
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8...
CVE-2018-8619
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Exp...