IRONSCALES is presented as a Self-Learning Email Security Platform To Proactively Fight Phishing Attacks, from the company of the same name in Atlanta.
$0
up to 500 mailboxes
KnowBe4 PhishER/PhishER Plus
Score 9.2 out of 10
N/A
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.
When deploying to a client who is very sensitive to email routing disruptions like those that can occur by putting an email filter in front of the email server, IRONSCALES deployment is extremely simple. It hooks into the user's mailbox, and not only filters point forward but a number of days back.
PhishER comes with some good features, such as PhishML, PhishRIP, PhishFlip, etc. These features help us manage phishing email reporting incidents. From reporting emails via Phish Alert Button plug-in to collecting all reported emails in one place at the PhishER dashboard. Now, the PhishML comes into play, scanning all reported emails and tagging each as clean, spam, or threat. With the help of this machine learning-based algorithm, our investigation process becomes easier. Other features, such as PhishRip, help to search and quarantine phishing emails, and PhishFlip converts a real phishing campaign to a test phishing campaign.
PhishRIP info tabs (i.e. if improperly check ripped emails are turned into tests. This has caused issues.) Info tabs or markers allow user to hover and get more information about what action a check box or slider provides.
When we first discovered that KnowBe4 released something like this, we saw a demo of it and were floored at what it could do and how it could help us from a security standpoint. Gone are the days of us in IT sending out a mass email saying please don't click on anything in the email from sender "X", and it allows us to quietly and easily ensure that people don't take any action on malicious emails.
I think that the system is well designed and makes it easy to fine phishing emails that have been reported. It also has a simple user interface that allows you to review and address threat emails also providing an automated component that allows for automated threat mitigation and customized feedback responses to users
Postini, Windows Defender (built into M365) & Trend Micro email security. Postini was purchased by Google and then went away. Trend Micro was very basic at the time I used it (many years ago) and utilized purely blacklisting tech but that was before the AI boom. Windows Defender is not as multi-tenant friendly.
We evaluated the Titan options because we have already used their DNS filtering product. However, KnowBe4 came in with a better price per user and a significantly stronger product lineup, particularly with its security awareness training component.
Understanding its limitations with regards to cyber security education campaigns
Rigid domain lists. Might be attributed to how we purchase through a distributor but if a client needs to add a monitored domain name, it must be requested instead of allowing me to do it myself.
Unclear if there have ever been any outages or service disruptions. Since it is monitoring mailboxes and not routing email, there is no outage client side. This could be a benefit but it also means end users might be unprotected during an outage.
There has been a 700% increase in emails being reported now. Previously, staff were only reporting 4 emails a month. It is easier for us to promote the phish alert button, receive automated remediation and rapidly respond.
We had no reports on the amount of phishing emails were coming through Mimecast but now we have reports for the board of trustees.
Every Wednesday we talk about cyber security to all staff, PhishER allows us to point out the trend and what to look out for which raises awareness. Never before were we able to talk about cyber security like this.