Secure Vulnerability Assessment FAQs

Privacy and security are important to us, and we want to share how we collect, use and protect your data during and after the Secure Phishing Risk Assessment.

SECURE PHISHING RISK ASSESSMENT FOR EMAIL

How do I authorize SlashNext to run the assessment?

SlashNext uses the secure open-standard authorization protocol OAuth 2.0 to authorize with Microsoft 365. OAuth is a widely used authorization protocol that gives applications secure, designated access.

Is my username and password shared with SlashNext?

No. Your Microsoft 365 admin account credentials are never shared with SlashNext. OAuth authorizes access with authorization tokens instead, so your admin account username and password are not shared with SlashNext.

What permissions will I need to grant to run the assessment?

A Microsoft page will ask you to grant the permissions required to run the assessment. The permissions required are:

  • “Read mail in all mailboxes” – Allows SlashNext to analyze the URLs in emails to identify phishing
  • “Sign in and read user profile” and “Read all users’ full profiles” – Allows SlashNext to read user profiles to identify users that have received phishing emails

What measures are implemented to protect my privacy and security?

Your privacy and security are a priority to us, and are protected in the following ways:

  • SlashNext never gains access to your Microsoft 365 credentials
  • SlashNext leverages the widely used open-standard authorization protocol OAuth 2.0 for authorization
  • Only minimal read permissions are required, for the purpose of detecting phishing URLs
  • Data is encrypted in transit using HTTPS/TLS
  • Data scanning takes place in memory and is never written to disk
  • The assessment report contains metadata of phishing emails only
  • The assessment report can be deleted by the customer at any time within the CMS web console

What is Secure Phishing Vulnerability Assessment for Email?

For Microsoft 365, Secure Phishing Risk Assessment analyzes URLs in emails in user inboxes to identify phishing emails missed by your secure email gateway. Organizations using Google Workspace for email security should use Secure Phishing Risk Assessment for Web.

Which hosted email platform is supported?

Microsoft 365. If you are using an unsupported platform, please use our Secure Phishing Risk Assessment for Web.

How do I initiate a Secure Phishing Vulnerability Assessment for Email?

After logging in to SlashNext’s cloud administration console, the Central Management System (CMS), click on the Audit icon on the left ribbon (5th icon from top). Click on Start Assessment -> Choose Email Risk Assessment and follow the instructions to initiate the assessment.

Can I specify the number of user inboxes for the assessment?

Yes. You can choose the values 5, 10, 20, 50 or all inboxes.

Can I specify the time frame of emails for the assessment?

Yes. You can specify a custom date range or choose the values last 7 days, last 14 days, last 30 days, and last 90 days.

How long does it take for the assessment to run?

The assessment can take anywhere from 10 minutes to 24 hours, depending on the number of inboxes and emails to be analyzed.

 

Will I be notified when the assessment is completed?

Yes. An email notification will be sent to the email address associated with your CMS login credentials upon the completion of the assessment.

Can I pause the assessment?

Yes. When you pause an assessment, you will see the details of the emails already analyzed. You can restart the assessment from the beginning.

Can you analyze URLs rewritten by secure email gateway solutions?

Yes. We can analyze the URLs rewritten by Microsoft, Mimecast and Proofpoint.

SECURE PHISHING VULNERABILITY ASSESSMENT FOR WEB

Is my username and password for my web/URL filtering solution shared with SlashNext?

No. After logging in to CMS, the only action required is to upload your logs to begin the assessment.

What measures are implemented to protect my privacy and security?

  • The CMS cloud administration web console is secured using HTTPS
  • Data scanning takes place in memory and is never written to disk
  • The assessment report contains metadata of phishing URLs and hosts only
  • The assessment report can be deleted by the customer at any time within the CMS web console

What is Secure Phishing Vulnerability Assessment for Web?

Secure Phishing Risk Assessment analyzes the destination URLs and hosts in your logs to identify phishing webpages missed by your web/URL filtering solution and accessed by your users.

Which web/URL filtering solutions are supported?

Logs from all web/URL filtering solutions, as well as SIEM solutions, are supported. In addition, specific Fortinet and LogRhythm have been built to parse the logs from these two solutions.

How do I initiate a Secure Phishing Vulnerability Assessment for Web?

After logging in to SlashNext’s cloud administration console, the Central Management System (CMS), click on the Audit icon on the left ribbon (5th icon from top). Click on Start Assessment -> Choose Email Risk Assessment and follow the instructions to upload your logs for analysis.

Which data fields are mandatory and optional?

Mandatory fields: Destination host or URL

Optional fields: End user name, internal IP and time stamp
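
Because only the destination host or URL is mandatory, a log export can be reduced to that field before it leaves your network. The following is an added example, not SlashNext code or a documented upload format: it drops the optional user, IP and time stamp columns and strips embedded credentials, query strings and fragments from each URL. The CSV layout, the column names and the choice to remove query strings are assumptions.

```python
import csv
import io
from urllib.parse import urlsplit

# Constructed sample export; the column names are assumptions, not a vendor format.
SAMPLE_LOG = """timestamp,user,src_ip,url
2024-01-05T10:00:00Z,alice,10.0.0.5,https://login.example.test/reset?token=abc123
2024-01-05T10:00:02Z,bob,10.0.0.9,http://Files.Example.test:8080/a/b.html#frag
2024-01-05T10:00:03Z,bob,10.0.0.9,https://login.example.test/reset?token=zzz
2024-01-05T10:00:04Z,carol,10.0.0.7,not a url
"""


def minimize_url(raw):
    """Return scheme://host[:port]/path, or None if raw is not an http(s) URL."""
    try:
        parts = urlsplit(raw.strip())
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    host = parts.hostname.lower()  # .hostname already excludes user:password@
    if ":" in host:  # an IPv6 literal needs its brackets back
        host = f"[{host}]"
    netloc = host if port is None else f"{host}:{port}"
    # Query and fragment are dropped: they often carry tokens or email addresses.
    return f"{parts.scheme}://{netloc}{parts.path or '/'}"


def minimize_log(text, url_column="url"):
    """Keep only unique cleaned destinations; count the rows that were rejected."""
    seen, kept, rejected = set(), [], 0
    for row in csv.DictReader(io.StringIO(text)):
        cleaned = minimize_url(row.get(url_column) or "")
        if cleaned is None:
            rejected += 1
        elif cleaned not in seen:
            seen.add(cleaned)
            kept.append(cleaned)
    return kept, rejected


if __name__ == "__main__":
    destinations, skipped = minimize_log(SAMPLE_LOG)
    print("\n".join(destinations))
    print(f"rejected rows: {skipped}")
```

Removing query strings trades some URL detail for privacy; keep them only if your review of the export shows they carry no session tokens or personal data.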

How long does it take for the assessment to run?

The assessment can take anywhere from 10 minutes to 24 hours, depending on the amount of data to be analyzed.

Will I be notified when the assessment is completed?

Yes. An email notification will be sent to the email address associated with your CMS login credentials upon the completion of the assessment.

Can I pause the assessment?

Yes. When you pause an assessment, you will see the details of the data already analyzed. You can restart the assessment from the beginning.