PhishScout is an automated phishing defense & orchestrated response that allows the IT security teams to instantly investigate suspicious emails with the ability to quarantine and ultimately delete phishing emails from the end user’s mailbox.

Security controls such as IPS & Email Gateways are only effective to a certain level. This is why phishing remains the most potent threat vector to date. Once a phishing email lands into the mailbox, it only takes a click to trigger a cyberattack. The longer the phishing email resides in the mailbox, the greater the probability of the threat propagation.

PhishScout uses built-in threat intelligence feeds from 3^rd party and PhishRod global threat intelligence engine, to instantly thwart a phishing attack. The automated & orchestrated response workflow ensures role-based coordination between relevant stakeholders to report, investigate, quarantine and delete phishing emails from the end user’s mailbox in the shortest possible time.

How it Works?

PhishRod provides a reporter plug-in that works as an agent for all mail clients. While the mailbox synchronizes to receive any incoming email, the end user is provided with a warning that the email is coming from a malicious source.

Once reported, PhishScout extracts the links & attachments from the reported suspicious email and performs IP Scanning, Domain Reputation Scanning, URL Scanning, Site Verification, Attachment Scanning using 130+ intelligence feeds and creates an incident for the primary analyst. Based on the results received, the primary analyst can immediately quarantine the reported email and can escalate the case for secondary analysis.

Based on the feedback from the secondary analyst, the email can be deleted from all end user mailboxes immediately.