Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.
N/A
KnowBe4 PhishER/PhishER Plus
Score 9.2 out of 10
N/A
PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security Operations team cut through the inbox noise and respond to the most dangerous threats more quickly.
The tool is very helpful in improving Phishing detection capabilities as it streamlines the process of analyzing user reports a lot. Besides it has a built-in mechanism of rating reporters(end-users) based on their historical performance. Downside - tool requires continuous resource investment to deliver best result. Tool is not helping too much in improving user-education, because automated response process is not immediate and is prone to errors
PhishER comes with some good features, such as PhishML, PhishRIP, PhishFlip, etc. These features help us manage phishing email reporting incidents. From reporting emails via Phish Alert Button plug-in to collecting all reported emails in one place at the PhishER dashboard. Now, the PhishML comes into play, scanning all reported emails and tagging each as clean, spam, or threat. With the help of this machine learning-based algorithm, our investigation process becomes easier. Other features, such as PhishRip, help to search and quarantine phishing emails, and PhishFlip converts a real phishing campaign to a test phishing campaign.
YARA rules, while the functionality is fantastic I've found that the documentation can be a bit confusing. Although, that might just be my personal experience.
Rare glitches make the send notification button unusable. This can be remediated by navigating to a different report, but [it] is a bit of a pain in the moment.
I would like to see a dark mode get added as well, but that's obviously a tertiary concern.
PhishRIP info tabs (i.e. if improperly check ripped emails are turned into tests. This has caused issues.) Info tabs or markers allow user to hover and get more information about what action a check box or slider provides.
When we first discovered that KnowBe4 released something like this, we saw a demo of it and were floored at what it could do and how it could help us from a security standpoint. Gone are the days of us in IT sending out a mass email saying please don't click on anything in the email from sender "X", and it allows us to quietly and easily ensure that people don't take any action on malicious emails.
I think that the system is well designed and makes it easy to fine phishing emails that have been reported. It also has a simple user interface that allows you to review and address threat emails also providing an automated component that allows for automated threat mitigation and customized feedback responses to users
The other product had a lot of fails on the auto-processing and did not integrate well with our current environment. One issue had to do with the way it sends the submissions to its processing engine—our email gateway configuration would have blocked this traffic. I also did not like the user interface.
We evaluated the Titan options because we have already used their DNS filtering product. However, KnowBe4 came in with a better price per user and a significantly stronger product lineup, particularly with its security awareness training component.
My company had nothing of this sort previously and we were stuck trying to make use of free resources and doing things very manually. Triage was a huge life saver in this area.
The ability to quickly respond to several users at once has been a great help.
There has been a 700% increase in emails being reported now. Previously, staff were only reporting 4 emails a month. It is easier for us to promote the phish alert button, receive automated remediation and rapidly respond.
We had no reports on the amount of phishing emails were coming through Mimecast but now we have reports for the board of trustees.
Every Wednesday we talk about cyber security to all staff, PhishER allows us to point out the trend and what to look out for which raises awareness. Never before were we able to talk about cyber security like this.