The Ironscales phishing defense platform consists of a training program to teach employees about phishing and a phishing email simulation program to assess the effectiveness of training and give employees practice at identifying phishing emails in a safe environment. The company also offers an automatic incident response system that eliminates potential threats without any interaction from the security team and a phishing intelligence service.
In contrast to many phishing intelligence providers, Ironscales does not gather information on current threats, instead the firm leverages crowd-sourced intelligence and has a growing network of 3rd party companies that gather intelligence and share information with the platform users via SIEM feeds. The Federation intelligence service ensures customer receive intel on the latest phishing threats in near real-time as they are experienced by other members.
Another distinguishing characteristic of the Ironscales phishing defense platform is the combination of both human intelligence and machine learning. While threats are subjected to human analyses, the machine learning component is capable of learning from past false positives and constantly improves detection rates.
In contrast to many anti-phishing solutions, the Ironscales phishing defense platform also can benefit from an email security add-on that serves as an advanced spam filter, subjecting each incoming email to a deep analysis and automatically flags or quarantines potentially malicious emails.
Key Features of the Ironscales Phishing Defense Platform
There are four main elements of the Ironscales phishing defense platform: A training/simulation module, a threat intelligence service, an automatic responder and an incoming email scanner.
Ironschool™ Phishing Training and Simulation Program
Ironscales appreciates that a one-size fits all approach is not effective when it comes to security awareness training. Consequently, the firm’s Ironschool™ training program has been developed to match training to the needs of each individual employee. Training builds employee awareness of phishing attacks to reduce susceptibility using a combination of games and interactive training sessions to improve knowledge retention.
Real world examples of phishing emails are used in simulated phishing attacks on organizations, with an easy-to-use GUI allowing CISOs to schedule phishing simulations. Busy CISOs can choose a campaign developed by Ironscales to match the security needs of each organization. On the spot training can also be configured for employees that complete unsafe actions during phishing simulations.
Reports can be generated for a real-time analysis of each simulation campaign, detailing employee and company vulnerabilities. Reports are also fed into the company’s machine learning system allowing it to be constantly trained in a continuous feedback loop.
An analysis of Ironscales phishing defense platform reports shows a decrease in susceptibility to phishing attacks of up to 89% is achievable after just a few rounds of phishing simulations.
IronTraps™ Automated Incident Response
IronTraps™ is an automatic phishing incident response system that allows employees to report potential phishing attacks with a single click. This email client add-on conducts an instant deep forensic analysis of each suspect email message and suggests mitigation tactics for security teams, speeding up the response to real phishing attacks when they occur.
If the analysis determines the threat to be real, the solution can be configured to automatically remove all instances of the phishing message from mail servers without any interaction from security teams.
The system automatically detects and removes known email phishing campaigns and speeds up detection and mitigation of zero-day phishing attacks. IronTraps™ can be seamlessly integrated into organizations’’ sandbox, Multi AV, intelligence and SIEM solutions.
Ironscales says its top performing companies have been able to reduce phishing attack response times to under 1 minute, greatly reducing the impact of phishing attacks.
Ironscales Federation Threat Intelligence
Ironscales Federation threat intelligence is an add-on solution that can be combined with IronTraps™ to provide near real-time intelligence on current phishing attacks. Companies that sign up to Federation contribute anonymous reports of phishing attacks which are pushed out to other Federation subscribers. When a phishing attack is detected, all members are alerted through in-line messaging. The threat intelligence service links with IronTraps™ and automatically remediates attacks without the need for any intervention from IT teams. Federation communicates intelligence on zero-day ransomware, malware, phishing, spam, spoofing and pharming attacks.
Ironsights™ Anti-Impersonation
IronSights™ an optional extra that can be combined with the Ironscales phishing defense platform to conduct a deep scan of each incoming email. IronSights™ validates the sender based on each employee’s past email history and discovers and flags anomalous behavior. Machine learning is used to constantly improve the system, leaning from past false positives.
When a potential threat is detected, the email message is immediately flagged as potentially harmful. This reduces reliance on end user security awareness. The system can be configured to send immediate notifications to security teams or automatically remediate threats.
About Ironscales
Ironscales is an Israeli cybersecurity firm founded in 2013. The firm benefited from assistance through 8200 EISP, the leading program for cyber security ventures founded by the Israel Defense Forces’ elite Intelligence Technology Unit.
The company was formed with the aim of addressing the challenges of email phishing and providing reliable tools for businesses to allow them to mitigate and respond to cyber threats. The Ironscales phishing defense platform is the first phishing mitigation solution to use a combination of human intelligence with machine intelligence to detect phishing threats and provides actionable threat intel to companies to ensure a quick and effective response to cyberattacks.
The company has recruited high-level business executives and managers, along with talented penetration testers, product experts and security researchers. The company’s phishing training and simulation platform has been developed by specialists in the field of interactive training.
The Ironscales phishing defense platform also won Cyber Defense Magazine’s Editor’s Choice Award in 2017 for Best Messaging Security Solution and was a finalist at the 2017 SC Awards and a finalist in two categories – Best Email Security Solution and Best Cybersecurity Startup – at the 2017 Cyber Security Excellence Awards.