Cofense News

Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation

Cofense has announced that further updates have been made to its award-winning phishing email simulation platform, Cofense PhishMe. The updates provide even greater opportunities for automating phishing simulation campaigns to save administrators even more time.

Security awareness and anti-phishing training is now an important part of healthcare organizations’ cybersecurity programs. In addition to investing in technology to block phishing and other email-based threats, end users require training. Even layered defenses will not stop all phishing threats from reaching inboxes. Without training, end users will remain the weakest link in the security chain.

Phishing simulation exercises are an important part of the training process. They allow security teams to assess how effective their training programs have been and identify weak points in the training program. They also allow security teams to identify individuals who have failed to understand certain parts of the training program.

While phishing simulation platforms include some opportunities for automation and scheduling, creating and running phishing simulations can still be a time-consuming process.

The latest updates to the Cofense PhishMe platform incorporate even more opportunities for automation. Whereas creating a program of 12 phishing scenarios and scheduling those campaigns over the course of a year would have taken an administrator about three hours to complete, the update shaves off 91% of that time. The same 12 campaigns can be created and scheduled in 15 minutes.

This has been achieved with the use of playbooks. The playbooks can be used to create, schedule, and launch phishing templates and schedule them over the course of a year. Additionally, administrators can automate the sending of reminders to end users based on the training programs they have competed – or not completed – saving even more time. The playbooks also incorporate the lessons learned from phishing simulation campaigns conducted by 400 of Fortune 1000 companies that have used the Cofense PhishMe platform.

“At Cofense we believe in automation as a way to relieve security operators of the repetitive tasks to allow them to focus on strategic, intelligent decision-making,” said Rohyt Belani, Co-founder and CEO of Cofense. “Playbooks are meant to allow both managed services providers and our end clients the ability to choose various programs just like one does on a treadmill in a gym, so they don’t need to focus on the metaphorical tasks of having to change speed and incline but can instead focus on designing and tracking the appropriate success criteria and presenting them appropriately to senior management.”

In addition to the Cofense PhishMe updates, the Leesburg, VA-based company has also recently launched its new phishing-specific Security Orchestration, Automation and Response (SOAR) platform, has incorporated board-level reporting, and has launched mobile Cofense Reporter and more accurate Microsoft attachment tracking. These updates and the continued high-level innovation have helped the company remain the market leader in phishing defense and attack disruption.

The post Updates to Cofense Phishing Simulation Platform Add Even More Opportunities for Automation appeared first on HIPAA Journal.

Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform

Cofense has developed a new product which will soon be added to its portfolio of anti-phishing solutions for healthcare organizations and incorporated into its phishing-specific security orchestration, automation and response (SOAR) platform.

The announcement comes at a time when the healthcare industry has been experiencing an uptick in phishing attacks. The past few months have seen a large number of healthcare organizations fall victims to phishing attacks that have resulted in cybercriminals gaining access to employee’s email accounts and the PHI contained therein.

Perimeter security defenses can be enhanced to greatly reduce the number of malicious emails that reach employees’ inboxes, but even when multiple security solutions are deployed they will not block all phishing threats.

Security awareness training is essential to reduce susceptibility to phishing attacks by conditioning employees to stop and think before clicking links in emails or opening questionable email attachments and to report suspicious emails to their security teams.

However, security teams can struggle to identify real threats quickly. Employees will typically report a wide range of emails, not just malicious messages. Most organizations will see their abuse mailboxes fill up rapidly and security teams often waste valuable time sifting through messages to find the real threats.

Cofense has attempted to solve the problem with the release of a SOAR platform that helps incident response teams identify and mitigate phishing attacks in progress much more rapidly. Cofense Triage allows incident response teams to rapidly assess, analyze, and remediate phishing attacks in real-time by filtering out the noise.

Cofense Triage has recently been enhanced with new features that allow third-party security solutions to be integrated through its REST API to ensure an optimized, security orchestration response. Remediating phishing threats has been made easier through automation using playbooks and workflows – sets of criteria that will automatically execute a response to mitigate an attack if certain criteria are met.

Now the Leesburg, VA-based anti-phishing vendor has developed a new anti-phishing solution – Cofense Vision – which will soon be incorporated into its phishing-specific SOAR. Cofense Vision – due to be generally available in Q4 2018 – will make it easier and quicker to identify all phishing emails in a campaign and quarantine them rapidly to neutralize the threat.

When a phishing email is identified, it is unlikely to be the only copy of the message in an organization’s email system. Tens or even hundreds of copies may be hiding in other inboxes, including carbon copies of the message, variations along the same theme, and totally different messages containing the same malicious payload.

Cofense Vision helps incident response teams search, identify, and quarantine all phishing emails in a particular campaign, querying messages by sender, date, subject, attachment name, attachment hash, and many more criteria. When all messages have been identified, they can be quarantined with a single click, removing all malicious messages from an organization’s entire email system.

This is just one of a host of new anti-phishing solutions that can be deployed to help healthcare organizations deal with the threat of phishing. As news breaks of a million-record-plus healthcare phishing attack, advanced phishing solutions are clearly needed to tackle the threat to the confidentiality, integrity, and availability of PHI.

The post Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform appeared first on HIPAA Journal.

Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform

Cofense has developed a new product which will soon be added to its portfolio of anti-phishing solutions for healthcare organizations and incorporated into its phishing-specific security orchestration, automation and response (SOAR) platform.

The announcement comes at a time when the healthcare industry has been experiencing an uptick in phishing attacks. The past few months have seen a large number of healthcare organizations fall victims to phishing attacks that have resulted in cybercriminals gaining access to employee’s email accounts and the PHI contained therein.

Perimeter security defenses can be enhanced to greatly reduce the number of malicious emails that reach employees’ inboxes, but even when multiple security solutions are deployed they will not block all phishing threats.

Security awareness training is essential to reduce susceptibility to phishing attacks by conditioning employees to stop and think before clicking links in emails or opening questionable email attachments and to report suspicious emails to their security teams.

However, security teams can struggle to identify real threats quickly. Employees will typically report a wide range of emails, not just malicious messages. Most organizations will see their abuse mailboxes fill up rapidly and security teams often waste valuable time sifting through messages to find the real threats.

Cofense has attempted to solve the problem with the release of a SOAR platform that helps incident response teams identify and mitigate phishing attacks in progress much more rapidly. Cofense Triage allows incident response teams to rapidly assess, analyze, and remediate phishing attacks in real-time by filtering out the noise.

Cofense Triage has recently been enhanced with new features that allow third-party security solutions to be integrated through its REST API to ensure an optimized, security orchestration response. Remediating phishing threats has been made easier through automation using playbooks and workflows – sets of criteria that will automatically execute a response to mitigate an attack if certain criteria are met.

Now the Leesburg, VA-based anti-phishing vendor has developed a new anti-phishing solution – Cofense Vision – which will soon be incorporated into its phishing-specific SOAR. Cofense Vision – due to be generally available in Q4 2018 – will make it easier and quicker to identify all phishing emails in a campaign and quarantine them rapidly to neutralize the threat.

When a phishing email is identified, it is unlikely to be the only copy of the message in an organization’s email system. Tens or even hundreds of copies may be hiding in other inboxes, including carbon copies of the message, variations along the same theme, and totally different messages containing the same malicious payload.

Cofense Vision helps incident response teams search, identify, and quarantine all phishing emails in a particular campaign, querying messages by sender, date, subject, attachment name, attachment hash, and many more criteria. When all messages have been identified, they can be quarantined with a single click, removing all malicious messages from an organization’s entire email system.

This is just one of a host of new anti-phishing solutions that can be deployed to help healthcare organizations deal with the threat of phishing. As news breaks of a million-record-plus healthcare phishing attack, advanced phishing solutions are clearly needed to tackle the threat to the confidentiality, integrity, and availability of PHI.

The post Cofense Develops New Phishing-Specific Security Orchestration, Automation and Response Platform appeared first on HIPAA Journal.

CSO Online Rates Cofense Triage One of Best Security Software Solutions of 2018

Cofense Triage, the phishing incident response platform, has been included in CSO Online’s 2018 list of the best security software solutions of 2018.

To produce the list, CSO Online conducted independent reviews of a wide range of software solutions. Strict review methodologies were used to select the best security products currently on the market. Each product was researched to find out how it worked, how the solution could be deployed in customer environments, the benefits it provided, and the major problems that the solution resolved.

The review was based on the top technology areas for security identified by Gartner, which included cloud workload protection platforms, remote browsers, deception technologies, endpoint detection and response platforms, network traffic analysis solutions, managed detection and response services, microsegmentation solutions, cloud access security brokers, OSS security scanning services for DevSecOps, and container security.

CSO Online tested all security solutions in a dedicated lab environment with each tested, where appropriate, against some of the most dangerous threats faced by businesses.

CSO Online selected 12 top vendors – one in each category – with Cofense Triage selected as the best security software solution in the phishing defense category. CSO Online explained that Cofense Triage is still evolving but even in its current form it is one of the most advanced defenses businesses and implement to protect them from phishing attacks.

Cofense Triage is deployed as an on-premises virtual appliance that connects with corporate email programs and helps companies manage reports from employees of suspected phishing attempts and phishing attacks in progress.

Secure email gateways and anti-spam solutions are essential, but they fail to block all phishing threats. Many malicious emails make it past those perimeter defenses and are delivered to end users’ inboxes.

Security awareness training – also provided by Cofense – helps employees recognize phishing threats. A one-click phishing email reporting solution – such as Cofense Reporter – allows employees to quickly send suspicious emails to their security teams. Managing those emails can be difficult and time consuming, which is where Cofense Triage helps. Through a combination of human intelligence and machine learning, the solution helps security teams quickly identify the wheat from the chaff and concentrate on the real phishing attempts rather than wasting time on false positives.

Cofense notes that typically only 10% of reported emails are malicious in nature. Security teams often spend a considerable amount of time assessing the 90% of reported emails that are non-malicious in nature.

“Cofense Triage is crucial for security operations teams to quickly find and disrupt active phishing attacks mere minutes after being reported within their organization. Having Triage recognized as one of this year’s best security software solutions, and the best phishing defense solution, by the technical experts at CSO Online is a true testament to that ability,” said Aaron Higbee, CTO and co-founder of Cofense.

The post CSO Online Rates Cofense Triage One of Best Security Software Solutions of 2018 appeared first on HIPAA Journal.

Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains

The anti-phishing solution provider Cofense has launched a new tool that allows organizations to check what Software-as-a-Service (SaaS) applications have been registered by employees using corporate domains.

The tool identifies configured cloud services, allowing security teams to check which SaaS applications are in use and take action over unauthorized use of cloud applications by employees.

The solution will query a corporate domain against a list of commonly used SaaS applications and will return a list of all SaaS applications that are in use, highlighting applications that have been provisioned without prior approval from the IT department. A file can be downloaded detailing all SaaS applications in use which can be compared with future scans to identify new SaaS applications that have been provisioned since the last time the query was run.

Shadow IT introduces risks, yet IT departments are often unaware of employees’ activities. Many companies are in the dark about the software used by their employees and the cloud services registered using company domains. This new service will help to improve security by identifying the latter.

An additional threat from the unsanctioned use of SaaS applications is the potential for SaaS providers to be impersonated by scammers.

“CEO fraud or Business Email Compromise (BEC) is a very real threat that typically targets members in finance.  But attackers can easily repurpose the technique creating realistic phishing sites targeting HR, IT, Engineering, Support, etc… masquerading as cloud tools the organization actually uses, ” said Cofense co-founder and CTO, Aaron Higbee. “CloudSeeker shines a light on shadow IT and counters the security risk it presents by seamlessly fitting into an organization’s broader security ecosystem. By offering this free solution to businesses, we are leveling up the playing field between attackers and would-be victims. After all, putting up a good defense requires a strong offense, critical to this is knowing where the threats are in the first place.”

The cloud security tool – CloudSeeker – is available free of charge to all organizations, even those who have not signed up to use the Cofense suite of anti-phishing and phishing intelligence services. The solution only requires a corporate domain to be entered. No personally identifiable information is required.

The post Cofense Launches Free Tool That Checks for SaaS Applications Using Corporate Domains appeared first on HIPAA Journal.

PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate

PhishMe, the leading provider of human phishing defense solutions, has announced that from February 26, 2018, the firm will be known as Cofense. Along with the name change, the firm has announced it has been acquired by a private equity syndicate, which valued the firm at $400 million.

PhishMe was formed in 2007 with the aim of developing products and services to tackle the growing threat from phishing. Employees have long been viewed as the weakest link in security, yet the human element of security defenses was often neglected. Over the years, PhishMe developed its products and services to help companies improve their last line of defense and turn security liabilities into security assets.

PhishMe has helped thousands of organizations improve their defenses against phishing through training and phishing simulations. The firm has also developed a range of associated products and services including a reporting platform that has now been adopted by more than 2 million users, as well as incident response and threat intelligence services.

While phishing defense is still at the heart of the, the name change reflects the more comprehensive range of products and services now being offered and future plans for expansion of its enterprise-wide attack detection, response, and orchestration solutions.

The acquisition will help in that regard. With the backing of the private equity syndicate, the company’s finances have been secured and the firm is planning to expand and enhance its products and services and increase its global reach.

“This acquisition further strengthens the alignment between our management team, employees, and investors as we focus on building an enduring company,” explained Cofense co-founder and CEO Rohyt Belani. “With cybersecurity a top priority for organizations everywhere, our goal is to continue bringing innovative products to markets around the globe to help stop active attacks faster than ever.”

The post PhishMe Rebrands as Cofense and Announces Acquisition by Private Equity Syndicate appeared first on HIPAA Journal.