LogicHub Autonomous Phishing Triage helps speed up response to phishing emails
LogicHub, the provider of the industry’s most complete security automation platform, announced the release of LogicHub Autonomous Phishing Triage.
Built on the LogicHub SOAR+ platform, LogicHub Autonomous Phishing Triage automatically and accurately analyzes and classifies emails with 97 percent accuracy, reducing the number of alerts requiring human analysis by 75 percent or more.
LogicHub Autonomous Phishing Triage is available as an application and as a customizable environment for building and editing security operations center (SOC) workflows and playbooks. An intuitive interface lets security analysts quickly review results and kick-off response workflows with a single click.
“The triage of reported phishing emails is one of the most time-consuming tasks for SOC and incident response teams,” said Kumar Saurabh, CEO and co-founder of LogicHub.
“It is critical that these security teams find a way to accelerate phishing triage, so they can spend less time investigating false-positive phishing alerts and more time on valuable and strategic projects. Phishing triage is the perfect example of how LogicHub automates security analyst workflows and decisions.”
How LogicHub Autonomous Phishing Triage works
Unlike existing solutions that produce reports that then need be manually triaged, LogicHub features a powerful decision engine to automatically prioritize any alert feed, recommend decisions, and reduce response times.
Incorporating best practices in phishing email analysis and triage, LogicHub reads and parses email from a phishing mailbox, rapidly assembling context at machine speeds by analyzing multiple email components, including sender and header metadata, links and attachments, and keywords in the body.
LogicHub then enriches the contextual information with built-in and external threat intelligence data, combines the results of the analysis and provides a final score based on a formula or machine learning (ML) model, and performs response and remediation steps depending on the final score.
At one customer, users submit more than 200 suspicious emails per day to a phishing mailbox, each of which takes an analyst five minutes to analyze. The number of suspicious emails is growing faster than new employee headcount, with triage and remediation only occurring during daylight hours.
Upon using LogicHub Autonomous Phishing Triage, an audit of large samples determined the solution was 100 percent accurate with 75 percent coverage, saving the customer the time equivalent of two full-time employees, reducing the threat of phishing attacks, and bringing more consistency to threat analysis.
The LogicHub SOAR+ security automation platform offers what traditional SOAR tools are missing by delivering autonomous detection and response, advanced analytics and machine learning to automate decision making with extreme accuracy across historically disparate security operations.
LogicHub Autonomous Phishing Triage enables SOC teams and other security experts to leverage powerful automation to beat back the ever-growing threat of phishing attacks and other email-borne risks.