Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

2/17/2016
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Wombat Security Launches PhishAlarm Analyzer

New solution uses machine learning to recognize phishing attacks allowing security response teams to remediate reported attacks efficiently.

Pittsburgh, PA – February 16, 2016 Wombat Security Technologies (Wombat) today announced the launch of PhishAlarm Analyzer, a software-based e-mail phishing triage solution that uses machine learning to check emails against multiple security sources to identify and prioritize reported phishing emails for incident response teams. Quick identification and categorization allows infosecurity officers and security response teams to isolate and remediate suspected phishing messages, including zero-hour attacks.

Phishing emails remain one of the largest threats to organizations today and is the initiation point for most data breaches. Wombat’s PhishAlarm® product, introduced just a few months ago, enables end users to recognize and report suspected phishing emails by pressing a button in their email client (Microsoft Outlook, 365, or Gmail). A companion to PhishAlarm, PhishAlarm Analyzer reviews the reported phishing emails against various threat vectors via machine learning and ranks the riskiness of the email. Competing triage solutions of this type only consider an end user’s ‘trustworthiness’ and ‘accuracy’ in identifying threats which can provide less reliable results and take months or years to accurately rank users. 

“Phishing campaigns are becoming more complex and targeted, so rating users on ‘accuracy’ or ‘trustworthiness’ can be an ineffective approach,” said Al Himler, Senior Director of Product Management at Wombat. “Instead of discounting users for falsely identifying a phishing email, PhishAlarm Analyzer pools information about blacklists, known attacks, dangerous IP addresses, and other markers from a multitude of reliable resources. The end result is a faster path to remediation and a more effective use of information security assets.”

PhishAlarm Analyzer scans reported emails and examines them based on standard security indicators of compromise. The emails are then prioritized, and an HTML research report on the reported email is delivered to the incident response teams.  The research report saves time for the incident response team by performing much of the research in advance so that they respond more quickly to the reported threats.

By using various email threat feeds coupled with machine learning, PhishAlarm Analyzer constantly improves as it learns new patterns of email threats. PhishAlarm Analyzer is built to scan emails quickly, prioritize the threat, including identifying zero-hour phishing attacks in real time. By quickly detecting and ranking the most dangerous threats, PhishAlarm Analyzer allows incident response teams to prioritize remediation.

The PhishAlarm Analyzer product is being trialed by customers now and will be generally available during the second quarter of 2016. Anyone interested in learning more about the product can receive a demonstration in Wombat Security booths 4333 and 4235 during the RSA Conference February 29-March 3 2016 at the Moscone Convention Center in San Francisco, or they can contact Wombat at: [email protected] wombatsecurity.com.

About Wombat Security Technologies

Wombat Security Technologies provides information security awareness and training software to help organizations teach their employees secure behavior. Their SaaS-based cyber security education solution includes a platform of integrated broad assessments, as well as a library of simulated attacks and brief interactive training modules. Wombat's solutions help organizations reduce successful phishing attacks and malware infections up to 90%. Wombat, recognized by Gartner as a leader in the Magic Quadrant for Security Awareness Computer-Based Training Vendors, is helping Fortune 1000 and Global 2000 customer in industry segments such as finance and banking, energy, technology, higher education, retail and consumer packaged goods to strengthen their cyber security defenses.

###

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Attackers Infiltrate the Supply Chain & What to Do About It
Shay Nahari, Head of Red-Team Services at CyberArk,  7/16/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-12453
PUBLISHED: 2019-07-19
In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in the FLTB parameter due to missing input validation.
CVE-2019-12945
PUBLISHED: 2019-07-19
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2018-17792
PUBLISHED: 2019-07-19
MDaemon Webmail (formerly WorldClient) has CSRF.
CVE-2019-10102
PUBLISHED: 2019-07-19
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when ap...
CVE-2019-10102
PUBLISHED: 2019-07-19
DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusual or Exceptional Conditions. The impact is: Null dereference, so attack can cause denial of service. The component is: cJSON_GetObjectItemCaseSensitive() function. The attack vector is: crafted json file. The fixed version is: 1.7...