Go Beyond Training and Testing. Way Beyond.
Deep analytics and a robust workflow platform shine new light in critical areas
〉Integrated Incident Reporting and Independent SPAM Analysis
Analytics will ultimately determine your best approach to enterprise-wide information security. Don’t settle for anything less than the best—and don’t go it alone.
Many organizations encourage their users to forward suspicious emails to a centralized incident response repository. The idea is to catch attacks that make it past their automated filters before they become major incidents. The problem many organizations face is what to do with the mail once it is reported. How is the suspicious mail analyzed? How much time is spent sorting out the mock-phishing campaign messages? Can the analysis benefit their phishing education program?
Mail Identification, Fast Analytics, and Message Disposition
Some customers already have methods and tools to analyze and act on all of their reported suspicious emails. These customers typically just want to grant PhishLine access to the reported mock phishing campaign emails, using custom headers or other techniques. We strongly agree that limiting PhishLine access to our campaign emails only is an appropriate solution in this case.
On the other extreme, we have seen customers try to manage thousands of reported messages using a standard folder in an email client. It soon became obvious that we could use our deep analytics, reporting, and workflow platform to help these customers identify patterns to better manage the onslaught of reported emails.
Some of the Incident Reporting capabilities include time-based analysis, message disposition, automatic actions, and other custom capabilities. The platform also can be integrated with open-source and commercial tools. PhishLine is built on a risk management platform with dashboards, workflow, reporting, and an Application Programming Interface (API) that allows it to move data to other applications you may be using.
Incident Reporting Helps your Phishing Program
PhishLine automatically recognizes our user-specific mock phishing messages. This allows the system to identify users that reported a suspicious email either before or after they clicked, replied, or otherwise interacted with the message.
Your employees are a crucial line of defense against social engineers. PhishLine’s Incident Reporting and reputation management capabilities give you the tools to test and identify your users’ individual levels of threat knowledge. You can then move them through levels of training based on their ability to define, identify, and report phishing threats.
Help your Users Help You
The PhishLine Incident Reporting system can be used in conjunction with our Phish Reporting Button. Simplified reporting helps ensure that your employees will follow through with your process. Incident Reporting can also be used with reporting features found in most mail programs, including the forward function.