Subscribe
  • Home
  • /
  • Security
  • /
  • Find and quarantine phishing e-mails faster with Cofense Vision

Find and quarantine phishing e-mails faster with Cofense Vision


Johannesburg, 03 May 2019
Anton Jacobsz, CEO at Networks Unlimited Africa
Anton Jacobsz, CEO at Networks Unlimited Africa

Value-added distributor Networks Unlimited Africa, local distributor of Cofense (formerly PhishMe) solutions, has announced the local availability of Cofense Vision, the company's newest solution for protecting organisational assets from phishing attacks.

Effective defences against phishing must include visibility into the threats that bypass technical controls and are delivered to a user's mailbox. Users of Cofense Triage can already prioritise and understand these threats, and now, with the addition of Cofense Vision, security operations centre (SOC) and incident response (IR) teams can more quickly identify and quarantine all phishing messages that are live in their environment.

Anton Jacobsz, CEO at Networks Unlimited Africa, says threat actors often alter their techniques and, when they do, thanks to Cofense Vision, operators can now quickly hunt for similar items mitigating attacks with related patterns.

"The key to managing a phishing threat is being able to determine where the e-mail in which it is lurking is sitting on the server," he says. "Working with Cofense Triage, the Vision platform intelligently reveals who else might have received phishing e-mails and, with one click, quarantines the bad messages in Microsoft Exchange and Office 365 from all user inboxes, without disrupting the organisation's day-to-day operations.

"This solution has the ability to retrieve malicious e-mails from users within the organisation, giving the organisation a second chance, if you will, to effectively deal with a threat that has already passed its security parameters."

Jacobsz says Cofense Vision takes things a step further by identifying all e-mails in a cluster, by sender, subject and data, and from across the entire organisation, giving users a fuller picture of an incident, faster.

Put plainly, Cofense Vision simplifies the quick identification of all recipients of a particular phishing attempt, allows single-click quarantine to remove said threat from all mailboxes, while proactively hunting for unreported threats across the business.

Vision Diagram.
Vision Diagram.

According to the Cofense Web site, Vision enables users to:

* Find the entire phishing campaign one cluster at a time
The solution stores, indexes and enriches a moving window of e-mails in a client environment. Using Vision's Discover feature, security operations teams are able to find the full breadth of an attack, quickly and efficiently.

ITWeb Security Summit 2019

Now in its 14th year, ITWeb Security Summit brings together leading international and local experts, analysts and end-users to unpack the latest threats facing African CISOs, CIOs, security specialists and risk officers. Register before 8 March to take advantage of the early bird discount. To find out more, click here.

Vision Discover can precisely determine all of the messages that are part of a phishing campaign across the entire organisation. It searches all of the messages that meet a set of criteria, so operators can quickly find the e-mails, quarantine and mitigate the threat.

* Search against a broader list of criteria
Messages stored in Vision can be queried based on sender, subject and date, which Microsoft offers today, but they can be further queried with criteria beyond what is available via Microsoft's API.

As threat actors alter their techniques, operators can start hunting for similar items and quickly find and mitigate attacks with similar patterns.

* Quarantine the threat to ensure it doesn't spread
Once the threat is detected, Vision Quarantine can rapidly isolate the messages in the Microsoft Exchange or Office 365 mailboxes.

"Only those who have been affected negatively by phishing attempts will truly understand the relief proffered by a solution that aims to find and quarantine every e-mail delivered in a phishing attack, even when unreported by end-users," says Jacobsz. "With Cofense Vision, we're offering SOC teams some respite, with the ability to stop these attacks before users begin clicking on links."

ITWeb Security Summit 2019

In an increasingly connected digital world, cyber security threats are constantly evolving and increasing in number and sophistication. Security professionals need to be up to speed with the latest technologies, techniques and skills for predicting and mitigating potentially crippling cyber attacks, the methods and tools in use by today's threat actors, and the latest legal and compliance demands. ITWeb Security Summit 2019, now in its 14th year, will again bring together leading international and local industry experts, analysts and end-users to unpack the latest threats facing African CISOs, CIOs, security specialists and risk officers, demystify emerging cyber security strategies in AI, blockchain, IOT, DevSecOps and more, and explain how to increase an organisation's cyber resiliency.

Share

Cofense

Cofense, formerly PhishMe, is the leading provider of intelligent phishing defence solutions worldwide. Cofense delivers a collaborative approach to cyber security by enabling organisation-wide engagement to active e-mail threats. Cofense's collective defence suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organisations in defence, energy, financial services, healthcare and manufacturing sectors that understand how changing user behaviour will improve security, aid incident response and reduce the risk of compromise. To learn more, visit https://cofense.com/.

Networks Unlimited Africa

Networks Unlimited Africa is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking and security landscapes. The company distributes best-of-breed products, including Attivo Networks, Cofense, Carbon Black, Fortinet, F5, Hypergrid, Mellanox Technologies, NETSCOUT, NETSCOUT ARBOR, ProLabs, RSA, Rubrik, SevOne, Silver Peak, Thales and Uplogix. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, WiFi, mobile and networking security, load balancing, data centre in a box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited Africa has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the sub-Saharan Africa market.

Editorial contacts