Automate Your Email Threat Analysis

Quickly manage phish attempts that bypassed your spam filter

  • null
    Complete Data Security
  • null
    3rd Party Integrations
  • null
    Drastically reduces mean time to detect (MTTD)
  • null
    Faster mean time to acknowledge (MTTA)
  • null
    Faster mean time to contain (MTTC)
  • null
    Drastically reduces False-Positive Rate of Alerts

The problem: Phishing mails continue to bypass your spam filters
Even the best filters cannot stop malicious mails from popping up in your inbox. Although the vast majority of phishing mails will be caught, there will always be mails that know how to bypass these filters. And often times it is precisely these emails that pose a real threat!

Report suspicious mails using the LUCY Phishing Incident Plug-In
Consequentially, it is crucial to implement security awareness measures in your company to train your employees to effectively detect phishing mails and report them using a Phish Alert Button. An efficient security awareness training consists of

  • phishing simulations
  • entertaining training modules like videos and game-based trainings
  • a reporting system that tracks your employees’ progress over time

Efficiently manage reported phish
Once your users report a phish instance, the IT Security Analysts can begin investigating: Is the reported phish really a phish? What should be done with the reported phish? And how can future similar threats automatically be quarantined or deleted?

LUCY’s Email Threat Screener (ETS) assists your security team by identifying threats and responding to them quickly. Create rules based on the reported phishing emails and such that identify real threats fast. Decide on actions for incoming phish and automatically delete or quarantine any threats. Streamline your IT team’s work by radically reducing the incident response time and number of false-positive alerts.

HOW IT WORKS:

The LUCY Email Threat Screener

With LUCY’s Email Threat Screener you can easily spot, analyze and automatically delete or quarantine phishing emails. Significantly enhance your security analysts’ work by reducing the Mean Times to Detect, Acknowledge and Contain attacks and by eliminating false-positive alerts.

Easy Rule Creation

Use built-in YARA rules or create custom rules for tagging reported phish and decide on automatic actions for handling these.

Seamless Integration with
LUCY's Phish Button

Full Integration with LUCY’s Phishing Incident Plug-In. Emails are forwarded to the Screener. Alternatively also to a dedicated mailbox.

Keep your most private data private

If you prefer not to send your confidential E-Mail communication to a system in the internet. You have the option to install LUCY’s E-Mail Threat Screener (ETS) on your own premises. This allows you to keep your and your customers E-Mail data completely secure.

FEATURE LIST

FEATURES

EASY YARA RULE MANAGEMENT
Create your own or use built-in YARA Rules using the simple visual editor.

ANALYSIS & PRIORIZATION ENGINE
Automatically analyze Mail Headers, Body, URLs and Domains

LUCY’S PHISHING INCIDENT PLUGIN
Report suspicious E-mail Messages by sending them to the LUCY Email Threat Screener for further automated analysis and human in depth Inspection if needed. Alternatively send it to a dedicated Mailbox or Sandbox System.
Seamless integration with Lucy’s Email Add-in Button.

MESSAGE PREVIEWER
Preview email as a screenshot without clickable links.

EVENT AUTORESPONDER
Automatically respond to the user who reported an incident.

EVENT FILTER
Filter unresolved events and process them – set resolution and status.

EVENT EXPIRATION
Due dates system notifications for incoming events.

USER REPUTATION UPDATER
Integration with LUCY for simulation reports.

ON-PREMISE OPTION
Installable software; no Emails are shared with the software provider.

FURTHER FUNCTIONS

FALSE POSITIVE ELIMINATOR
Detect and automatically resolve all irrelevant events that pose no threat to a company.

EVENT CLUSTERING
Perform cluster analysis of incoming email content and detect similar patterns that may comprise a single continuous or a long repeating attack.

REMEDIATION ENGINE
The system selects emails with similar subjects and from similar senders and may delete them, create a JIRA task, block all URLs or domains.

SCANNING ENGINES INTEGRATION
Easy integration with external scanning engines (e.g.Virustotal, Safebrowsing, phishtank, URLhaus).

API INTEGRATION
Integration with Splunk, Jira, SOC, SIEM and others.

INCIDENT PLUGIN FOR BROWSERS
Report phishing websites or links right from Edge, Firefox, Chrome or Safari.

ANALYST ROLES
Different user roles: Viewer, Analyst, Admin.

TEMPLATE CONVERTER
Turn any real phishing event into a Lucy template for training users.

Contact Us!