ITNewsAfrica logo

linkedin   twitter icon   facebook


General News

Find and quarantine phishing emails faster with Cofense Vision™

JOHANNESBURG – April 30, 2019 – Value-added distributor Networks Unlimited Africa – local distributors of Cofense™ (formerly PhishMe) solutions – has announced the local availability of Cofense Vision, the company’s newest solution for protecting organisational assets from phishing attacks. Effective defences against phishing must include visibility into the threats that bypass technical controls and are delivered to a user’s mailbox. Users of Cofense Triage™ can already prioritise and understand these threats, and now with the addition of Cofense Vision, security operations centre (SOC) and incident response (IR) teams can more quickly identify and quarantine all phishing messages that are live in their environment.
Anton Jacobsz, CEO at Networks Unlimited Africa, says threat actors often alter their techniques and when they do, thanks to Cofense Vision, operators can now quickly hunt for similar items mitigating attacks with related patterns.

“The key to managing a phishing threat is being able to determine where the email in which it is lurking is sitting on the server,” he says. “Working with Cofense Triage, the Vision platform intelligently reveals who else might have received phishing emails and, with one click, quarantines the bad messages in Microsoft Exchange and Office 365 from all user inboxes without disrupting the organisation’s day to day operations.
“This solution has the ability to retrieve malicious emails from users within the organisation giving the organisation a second chance, if you will, to effectively deal with a threat that has already passed its security parameters.”

Jacobsz says that Cofense Vision takes things a step further by identifying all emails in a cluster, by sender, subject and data and from across the entire organisation, giving users a fuller picture of an incident, faster.
Put plainly, Cofense Vision simplifies the quick identification of all recipients of a particular phishing attempt, allows single-click quarantine to remove said threat from all mailboxes while proactively hunting for unreported threats across the business.
According to the Cofense web site, Vision enables users to:

  • Find the entire phishing campaign one cluster at a time

The solution stores, indexes and enriches a moving window of emails in a client environment. Using Vision’s Discover feature, security operations teams are able to find the full breadth of an attack, quickly and efficiently. 
Vision Discover can precisely determine all of the messages that are part of a phishing campaign across the entire organisation. It searches all of the messages that meet a set of criteria, so operators can quickly find the emails, quarantine and mitigate the threat.  

  • Search against a broader list of criteria

Messages stored in Vision can be queried based upon Sender, Subject and Date, which Microsoft offers today, but they can be further queried with criteria beyond what is available via Microsoft’s API.
As threat actors alter their techniques, operators can start hunting for similar items and quickly find and mitigate attacks with similar patterns. 

  • Quarantine the threat to ensure it doesn’t spread

Once the threat is detected, Vision Quarantine can rapidly isolate the messages in the Microsoft Exchange or Office 365 mailboxes. 
“Only those who have been affected negatively by phishing attempts will truly understand the relief proffered by a solution that aims to find and quarantine every email delivered in a phishing attack, even when unreported by end users,” says Jacobsz. “With Cofense Vision, we’re offering SOC teams some respite with the ability to stop these attacks before users begin clicking on links.”
About Cofense  
Cofense™, formerly PhishMe®, is the leading provider of intelligent phishing defence solutions world-wide. Cofense delivers a collaborative approach to cybersecurity by enabling organisation-wide engagement to active email threats. Our collective defence suite combines timely attack intelligence sourced from employees with best-in-class incident response technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organisations in defence, energy, financial services, healthcare and manufacturing sectors that understand how changing user behaviour will improve security, aid incident response and reduce the risk of compromise. To learn more, visit https://cofense.com/.

About Networks Unlimited Africa
Networks Unlimited Africa is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Attivo Networks, Cofense, Carbon Black, Fortinet, F5, Hypergrid, Mellanox Technologies, NETSCOUT, NETSCOUT ARBOR, ProLabs, RSA, Rubrik, SevOne, Silver Peak, Thales and Uplogix. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.

Since its formation in 1994, Networks Unlimited Africa has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market.

Networks Unlimited Africa, David Wilson, +27 (0) 11 202 8400, david.wilson@nu.co.za
icomm, Vivienne Fouché, +27 (0) 82 602 1635, vivienne@pr.co.za; www.icomm-pr.co.za




ITNewsAfrica logo

Download Button