The problem: Phishing mails continue to bypass your spam filters
Even the best filters cannot stop malicious mails from popping up in your inbox. Although the vast majority of phishing mails will be caught, there will always be mails that know how to bypass these filters. And often times it is precisely these emails that pose a real threat!
Report suspicious mails using the LUCY Phishing Incident Plug-In
Consequentially, it is crucial to implement security awareness measures in your company to train your employees to effectively detect phishing mails and report them using a Phish Alert Button. An efficient security awareness training consists of
- phishing simulations
- entertaining training modules like videos and game-based trainings
- a reporting system that tracks your employees’ progress over time
Efficiently manage reported phish
Once your users report a phish instance, the IT Security Analysts can begin investigating: Is the reported phish really a phish? What should be done with the reported phish? And how can future similar threats automatically be quarantined or deleted?
LUCY’s Email Threat Screener (ETS) assists your security team by identifying threats and responding to them quickly. Create rules based on the reported phishing emails and such that identify real threats fast. Decide on actions for incoming phish and automatically delete or quarantine any threats. Streamline your IT team’s work by radically reducing the incident response time and number of false-positive alerts.
HOW IT WORKS:
The LUCY Email Threat Screener
With LUCY’s Email Threat Screener you can easily spot, analyze and automatically delete or quarantine phishing emails. Significantly enhance your security analysts’ work by reducing the Mean Times to Detect, Acknowledge and Contain attacks and by eliminating false-positive alerts.
Easy Rule Creation
Use built-in YARA rules or create custom rules for tagging reported phish and decide on automatic actions for handling these.
Seamless Integration with
LUCY's Phish Button
Full Integration with LUCY’s Phishing Incident Plug-In. Emails are forwarded to the Screener. Alternatively also to a dedicated mailbox.
Keep your most private data private
If you prefer not to send your confidential E-Mail communication to a system in the internet. You have the option to install LUCY’s E-Mail Threat Screener (ETS) on your own premises. This allows you to keep your and your customers E-Mail data completely secure.
EASY YARA RULE MANAGEMENT
Create your own or use built-in YARA Rules using the simple visual editor.
ANALYSIS & PRIORIZATION ENGINE
Automatically analyze Mail Headers, Body, URLs and Domains
LUCY’S PHISHING INCIDENT PLUGIN
Report suspicious E-mail Messages by sending them to the LUCY Email Threat Screener for further automated analysis and human in depth Inspection if needed. Alternatively send it to a dedicated Mailbox or Sandbox System.
Seamless integration with Lucy’s Email Add-in Button.
Preview email as a screenshot without clickable links.
Automatically respond to the user who reported an incident.
Filter unresolved events and process them – set resolution and status.
Due dates system notifications for incoming events.
USER REPUTATION UPDATER
Integration with LUCY for simulation reports.
Installable software; no Emails are shared with the software provider.
FALSE POSITIVE ELIMINATOR
Detect and automatically resolve all irrelevant events that pose no threat to a company.
Perform cluster analysis of incoming email content and detect similar patterns that may comprise a single continuous or a long repeating attack.
The system selects emails with similar subjects and from similar senders and may delete them, create a JIRA task, block all URLs or domains.
SCANNING ENGINES INTEGRATION
Easy integration with external scanning engines (e.g.Virustotal, Safebrowsing, phishtank, URLhaus).
Integration with Splunk, Jira, SOC, SIEM and others.
INCIDENT PLUGIN FOR BROWSERS
Report phishing websites or links right from Edge, Firefox, Chrome or Safari.
Different user roles: Viewer, Analyst, Admin.
Turn any real phishing event into a Lucy template for training users.