New tool helps identify and block phishing attacks
People are often the weakest link in the IT security chain and hackers are keen to exploit this with ever more sophisticated attacks.
Predictive email defense specialist Vade Secure is launching a new anti-phishing solution that helps security operations centers identify and block targeted phishing attacks.
Called IsItPhishing Threat Detection, it uses machine learning algorithms to perform real-time analysis of around 50 features of the URL and page content. These models have been trained using Vade Secure's global threat intelligence gathered from 500 million mailboxes and 6 million daily URL scans. The number of features checked is optimized using an advanced recursive feature elimination algorithm to ensure good accuracy, with zero false positives.
Features include tokens within URLs being randomly replaced in order to safely explore the page content without inadvertently triggering any action or tracking on behalf of the user. Pages are explored across more than 30 device/browser combinations to thwart attacks that display their content only when accessed from mobile devices. Pages are also examined from four different geographical zones to combat attacks that display content only when accessed from the target location.
"Phishing has overtaken ransomware as the top attack vector as hackers focus on exploiting human vulnerabilities," says Adrien Gendre, chief solution architect at Vade Secure. "Most SOCs are not set up for success against these threats -- they are too understaffed to manually check every suspicious URL, and current processes make it difficult to react to short-wave attacks. IsItPhishing Threat Detection alleviates these issues by automating and accelerating phishing detection, response and remediation."
Because it offers real-time detection of both known and unknown phishing attacks, the solution greatly reduces the number of alerts and false positives that SOC analysts must process, freeing them up to focus on higher value activities. Instant detection of phishing URLs can also trigger automated workflows to block access across an organization's entire network.
You can find out more about the solution on the Vade Secure website.