Cofense News

Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains

The anti-phishing solution provider Cofense has launched a new tool that allows organizations to check what Software-as-a-Service (SaaS) applications have been registered by employees using corporate domains.

The tool identifies configured cloud services, allowing security teams to check which SaaS applications are in use and take action over unauthorized use of cloud applications by employees.

The solution will query a corporate domain against a list of commonly used SaaS applications and will return a list of all SaaS applications that are in use, highlighting applications that have been provisioned without prior approval from the IT department. A file can be downloaded detailing all SaaS applications in use which can be compared with future scans to identify new SaaS applications that have been provisioned since the last time the query was run.

Shadow IT introduces risks, yet IT departments are often unaware of employees’ activities. Many companies are in the dark about the software used by their employees and the cloud services registered using company domains. This new service will help to improve security by identifying the latter.

An additional threat from the unsanctioned use of SaaS applications is the potential for SaaS providers to be impersonated by scammers.

“CEO fraud or Business Email Compromise (BEC) is a very real threat that typically targets members in finance.  But attackers can easily repurpose the technique creating realistic phishing sites targeting HR, IT, Engineering, Support, etc… masquerading as cloud tools the organization actually uses, ” said Cofense co-founder and CTO, Aaron Higbee. “CloudSeeker shines a light on shadow IT and counters the security risk it presents by seamlessly fitting into an organization’s broader security ecosystem. By offering this free solution to businesses, we are leveling up the playing field between attackers and would-be victims. After all, putting up a good defense requires a strong offense, critical to this is knowing where the threats are in the first place.”

The cloud security tool – CloudSeeker – is available free of charge to all organizations, even those who have not signed up to use the Cofense suite of anti-phishing and phishing intelligence services. The solution only requires a corporate domain to be entered. No personally identifiable information is required.

The post Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains appeared first on HIPAA Journal.

PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate

PhishMe, the leading provider of human phishing defense solutions, has announced that from February 26, 2018, the firm will be known as Cofense. Along with the name change, the firm has announced it has been acquired by a private equity syndicate, which valued the firm at $400 million.

PhishMe was formed in 2007 with the aim of developing products and services to tackle the growing threat from phishing. Employees have long been viewed as the weakest link in security, yet the human element of security defenses was often neglected. Over the years, PhishMe developed its products and services to help companies improve their last line of defense and turn security liabilities into security assets.

PhishMe has helped thousands of organizations improve their defenses against phishing through training and phishing simulations. The firm has also developed a range of associated products and services including a reporting platform that has now been adopted by more than 2 million users, as well as incident response and threat intelligence services.

While phishing defense is still at the heart of the, the name change reflects the more comprehensive range of products and services now being offered and future plans for expansion of its enterprise-wide attack detection, response, and orchestration solutions.

The acquisition will help in that regard. With the backing of the private equity syndicate, the company’s finances have been secured and the firm is planning to expand and enhance its products and services and increase its global reach.

“This acquisition further strengthens the alignment between our management team, employees, and investors as we focus on building an enduring company,” explained Cofense co-founder and CEO Rohyt Belani. “With cybersecurity a top priority for organizations everywhere, our goal is to continue bringing innovative products to markets around the globe to help stop active attacks faster than ever.”

The post PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate appeared first on HIPAA Journal.