New Service Provides Industry’s Most Comprehensive and Up-to-the-Minute Intelligence on Zero-Hour Phishing and Social Engineering Threats
PLEASANTON, Calif., March 13, 2019 – SlashNext, a leading provider of real-time anti-phishing solutions, today announced SlashNext Real-Time Phishing Threat Intelligence, a new service that provides IT security teams with machine-readable threat intelligence covering all major categories of phishing and social engineering threats currently live on the Web.
SlashNext Real-Time Phishing Threat Intelligence is the industry’s first and only phishing-focused threat intelligence that covers all six major categories of phishing and social engineering threats, including credential stealing; scareware; rogue software; phishing exploits; social engineering scams; and phishing callbacks. This provides IT security teams with the broadest phishing threat intelligence available to better understand and protect their organizations from zero-hour social engineering threats.
SlashNext threat intelligence is produced via global dynamic URL sourcing together with SlashNext’ proprietary, cloud-based threat detection technology. SlashNext threat detection is based on a new approach using Session Emulation and Environment Reconnaissance (SEER). Unlike other anti-phishing technologies which rely on outdated URL inspection and domain reputation analysis, SEER uses virtual browsers in a purpose-built cloud to dynamically inspect sites using advanced computer vision, optical character recognition, natural language processing, lexical analysis, and active site behavioral analysis. By dynamically inspecting page contents and server behavior together with patent-pending machine learning algorithms, SlashNext can detect a wider range of phishing threats in real-time with exceptional accuracy and near-zero false positives. This results in more comprehensive, definitive, and timely threat intelligence on live phishing threats.
“Accurate and timely threat intelligence is key for understanding and defending against today’s fast-moving phishing threats, most of which are active for only a few hours,” said Atif Mushtaq, CEO of SlashNext. “Outdated threat intelligence is simply not useful for protecting against new zero-hour threats. Security teams need up-to-the-minute intelligence on zero-hour threats so they can properly defend their organization against new and emerging phishing attacks, regardless of attack vector.”
“Unfortunately, the empirical data shows that enterprise users are absurdly quick to open, click, and act on phishing and social engineering attacks – for example, a median time-to-first-click on malicious emails of just 134 seconds – which is why the race against time is so important for defender protection and response,” said Derek Brink, vice president and research fellow for Aberdeen Group. “Fortunately, innovative solution providers such as SlashNext are introducing more automated and effective ways to detect and defend against these types of threats, at the beginning of their lifecycle.”
With tens of thousands of new phishing sites going live each day, and most disappearing in just 4-8 hours, SlashNext performs automated URL rechecking and retirement. This results in a continuously updated list of active phishing URLs, domains, and IPs, to give enterprise security teams the industry’s broadest, most up-to-the-minute intelligence on live phishing threats.
SlashNext Real-Time Phishing Threat Intelligence is accessed via simple RESTful API. Users can request threat intelligence in multiple formats, including JSON, CSV, or plaintext. Users can also request just domains, IPs, wildcard URLs, and full URLs to best suit their needs. Each includes automatically generated IOC metadata. API access to machine-readable threat intelligence enables easy integration with popular threat intelligence platforms, SIEMs, and infrastructure such as firewalls and DNS.
Subscribers to the service also receive a quarterly SlashNext Threat Intelligence Report highlighting key threats and trends detected by the SlashNext platform and analyzed by its security research team. Each report provides insights and useful intelligence to help organizations better understand and manage protections against the changing threat landscape.
A separate Incident Reporting Add-On service is also available from SlashNext. When SlashNext’s Real-Time Phishing Threat Intelligence is integrated with an organization’s infrastructure for blocking, this cloud-based service provides a sinkhole service that provides employees with blocked site warning pages as well as incident alerts and daily reports for security administrators.
SlashNext will be hosting a one-hour webinar on March 27, 2019 at 10am PDT called Real-Time Phishing Threat Intelligence: Understanding and Protecting Against Zero-Hour Social Engineering Threats. Anyone interested in attending the webinar can register at https://www.slashnext.com/real-time-phishing-threat-intelligence-webinar/ .
SlashNext helps organizations strengthen their defenses against phishing and social engineering threats with real-time anti-phishing solutions powered by a new, patent-pending approach to zero-hour phishing site detection. SlashNext provides IT security teams with Real-Time Phishing Threat Intelligence as well as Targeted Phishing Defense solutions to protect users on enterprise networks.
SlashNext founder and CEO Atif Mushtaq previously spent nine years as a Senior Scientist at FireEye, where he was one of the main architects of FireEye’s core malware detection technology. SlashNext is headquartered in Silicon Valley and is backed by top-tier venture capital firms.
Lumina Communications for SlashNext