AI-Powered Email Monitoring Enables SOC Students To Improve Campus Security

Cal Poly Customer

Educational institutions, particularly university campuses, are a favorite target for cybercriminals because their large, distracted populations, multiple vendor relationships, and research facilities make them vulnerable to threats like BEC, QR phishing, and other advanced threats.

Cal Poly’s SOC was drowning in these types of threats. Seventy-five percent of the student SOC team’s time was spent on abuse inbox analysis. The remaining time was spent on addressing SIEM alerts and other tasks.

After deploying SlashNext Cloud Email Security, Cal Poly saw an 80% reduction in the malicious emails being reported to the security team in the first 24 hours. SlashNext monitors 6,500 faculty and staff inboxes, and in the first week analyzed over a million emails, detected 434 zero-hour link attacks, and 271 BEC emails targeting the highest levels of campus leadership. The reduction in abuse email management allows Cal Poly to assign projects to students, including:

Security KPI Tracking Using Splunk: Tracking response of SOC analysts to measure response and resolution time.

Ingest CIS Threat Intelligence into Splunk: Enhances security posture with proactive alerts around identified threats.

Management of Palo Alto IP/Domain Block Lists: Simplifies and automates adding IPs or domains to firewall’s block list.

HIBP Automation: Monitors for addresses in data breaches and automates notification to impacted users, reducing process time from 15 minutes to one minute.

AWS Security Alerts: Identify high-risk AWS activity, providing invaluable visibility of campus-wide AWS activity and potential incidents.

The Challenge

Cal Poly’s SOC was drowning in threats like BEC, QR phishing, and other advanced threats. Seventy-five percent of the student SOC team’s time was spent on abuse inbox analysis. The remaining time was spent on addressing SIEM alerts and other tasks.

The Solution

SlashNext multi-channel Email+ Security phishing protection; generative AI security protects against zero-hour spear phishing, BEC, smishing, and other socially engineered attacks in email, SMS, Slack, Teams, and other messaging apps.

The Result

After deploying SlashNext Cloud Email Security, Cal Poly saw an 80% reduction in the malicious emails being reported to the security team in the first 24 hours. SlashNext monitors 6,500 faculty and staff inboxes, and in the first week analyzed over a million emails, detected 434 zero-hour link attacks, and 271 BEC emails targeting the highest levels of campus leadership.

Cal Poly Uses SlashNext Cloud Email Security

SlashNext handles all the emails that normally would have been reported. And, they’re making a significant impact in the security posture of the campus.
Doug Lomsdalen, Information Security Officer

SlashNext for Microsoft 365 Stops the Broadest Range of Zero-Hour Attacks

SlashNext HumanAI stops email threats that compromise users and lead to data breaches.

Microsoft 365 + SlashNext for Complete Email Security

SlashNext helps Microsoft 365 customers protect themselves from the growing number of advanced phishing attacks occurring today and tomorrow.

See SlashNext Complete™ in Action

Meet with a security expert for a demo and learn how to set up a personalized trial to see the threats entering your organization.