SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
ReliaQuest launches a new phishing analyser on GreyMatter
Wed, 15th Mar 2023

ReliaQuest, a force multiplier of security operations, has announced the added capability of Phishing Analyzer to its security operations platform GreyMatter, which is now available globally. The capability helps security teams reduce the risk of phishing attacks by automating the entire abuse-mailbox management process. In addition, the tool analyses suspicious emails, takes remediation action and sends follow-up notifications to users.

Email phishing attacks are a persistent and time-consuming problem. Although many organisations have a Secure Email Gateway (SEG) as a control to combat email-based threats, malicious emails still slip past. Most phishing emails trick unsuspecting users into sharing something valuable: bank details, information, or access. Business Email Compromise (BEC) attacks have cost organisations more than US$43 billion since 2016. As a result, phishing awareness programs are on the rise to enable employees, contractors, and partners to assist the security team in the fight against email phishing.

“Phishing continues to be a major threat for businesses. Security operations teams spend a lot of time on low brain high time activities such as manually reviewing their abuse/phishing inboxes. The goal of GreyMatter’s Phishing Analyzer is to significantly reduce that time,” says Brian Foster, Chief Product Officer at ReliaQuest. “This enables the SOC to reduce risk faster and also frees up their team to focus on other impactful things.”

The constant hyper-vigilance of employees and security teams for potential phishing emails can lead to alert fatigue and employee burnout. Even when spotting phishing emails, users need a way to notify security teams to prevent email-based attacks against their organisation further. Through an automated process, GreyMatter Phishing Analyzer allows security teams to analyse email-based threats and determine how they get through and who has been impacted. With this implementation, ReliaQuest predicts it could save security teams thousands of hours and minimise employee dissatisfaction.

GreyMatter Phishing Analyzer can immediately help security teams in three main ways.  

Once a reported email arrives in the abuse-mailbox, it's automatically analysed to determine whether it is malicious or benign. If malicious, the said email is removed from that user's inbox, and matching emails are also removed from inboxes across the organisation. 

The Analyzer reduces the risk of phishing attacks. After the implementation of GreyMatter, security teams can see the full scope of the phishing attack, including whether a user downloaded a file or clicked on a malicious link without leaving the platform. Additionally, ReliaQuest's machine-learning capabilities speed up the analysis process and cut through the noise of false positives. It identifies phishing campaigns targeting your organisation by matching against duplicate and similar emails.

“Once fully analysed, the Analyzer will automatically send an analysis write-up to the security team and an analysis decision (malicious or benign) to the reporter. Security teams will be able to leverage this information to add security controls for stronger protection,” says Foster.