Endpoint

2/17/2016
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Wombat Security Launches PhishAlarm Analyzer

New solution uses machine learning to recognize phishing attacks allowing security response teams to remediate reported attacks efficiently.

Pittsburgh, PA – February 16, 2016 Wombat Security Technologies (Wombat) today announced the launch of PhishAlarm Analyzer, a software-based e-mail phishing triage solution that uses machine learning to check emails against multiple security sources to identify and prioritize reported phishing emails for incident response teams. Quick identification and categorization allows infosecurity officers and security response teams to isolate and remediate suspected phishing messages, including zero-hour attacks.

Phishing emails remain one of the largest threats to organizations today and is the initiation point for most data breaches. Wombat’s PhishAlarm® product, introduced just a few months ago, enables end users to recognize and report suspected phishing emails by pressing a button in their email client (Microsoft Outlook, 365, or Gmail). A companion to PhishAlarm, PhishAlarm Analyzer reviews the reported phishing emails against various threat vectors via machine learning and ranks the riskiness of the email. Competing triage solutions of this type only consider an end user’s ‘trustworthiness’ and ‘accuracy’ in identifying threats which can provide less reliable results and take months or years to accurately rank users. 

“Phishing campaigns are becoming more complex and targeted, so rating users on ‘accuracy’ or ‘trustworthiness’ can be an ineffective approach,” said Al Himler, Senior Director of Product Management at Wombat. “Instead of discounting users for falsely identifying a phishing email, PhishAlarm Analyzer pools information about blacklists, known attacks, dangerous IP addresses, and other markers from a multitude of reliable resources. The end result is a faster path to remediation and a more effective use of information security assets.”

PhishAlarm Analyzer scans reported emails and examines them based on standard security indicators of compromise. The emails are then prioritized, and an HTML research report on the reported email is delivered to the incident response teams.  The research report saves time for the incident response team by performing much of the research in advance so that they respond more quickly to the reported threats.

By using various email threat feeds coupled with machine learning, PhishAlarm Analyzer constantly improves as it learns new patterns of email threats. PhishAlarm Analyzer is built to scan emails quickly, prioritize the threat, including identifying zero-hour phishing attacks in real time. By quickly detecting and ranking the most dangerous threats, PhishAlarm Analyzer allows incident response teams to prioritize remediation.

The PhishAlarm Analyzer product is being trialed by customers now and will be generally available during the second quarter of 2016. Anyone interested in learning more about the product can receive a demonstration in Wombat Security booths 4333 and 4235 during the RSA Conference February 29-March 3 2016 at the Moscone Convention Center in San Francisco, or they can contact Wombat at: [email protected] wombatsecurity.com.

About Wombat Security Technologies

Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS-based cyber security education solution includes a platform of integrated broad assessments, as well as a library of simulated attacks and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90%. Wombat, recognized by Gartner as a leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors, is helping Fortune 1000 and Global 2000 customer in industry segments such as finance and banking, energy, technology, higher education, retail and consumer packaged goods to strengthen their cyber security defenses.

###

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "I'm not sure I like this top down management approach!"
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17332
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
CVE-2018-17333
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
CVE-2018-17334
PUBLISHED: 2018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated.
CVE-2018-17336
PUBLISHED: 2018-09-22
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n...
CVE-2018-17321
PUBLISHED: 2018-09-22
An issue was discovered in SeaCMS 6.64. XSS exists in admin_datarelate.php via the time or maxHit parameter in a dorandomset action.