As we’ve written about before, email security originated in the early 2000s with anti-spam filters, followed by innovations in attack signature detection, which subsequently paved the way for secure email gateways (SEGs) around 2012. All of these solutions proved effective at mitigating spam and preempting signature-based attacks at certain periods of time but have since struggled to evolve as expeditiously as advanced phishing techniques, such as, spoofing, ransomware and business email compromise (BEC).
As modern attack techniques began to surface, legacy email security companies attempted to modernize, either via innovation or acquisition. There was just one problem: attackers had progressed so dramatically that much of the old way of phishing mitigation was no longer viable. Email security needed disruption, and it needed it badly.
IRONSCALES as a company was built with the acceptance of one simple premise as truth: email phishing is both a human and machine problem that requires both a human and machine solution. This rallying cry has propelled our engineering team to constantly think outside the box, and develop very unique methods for identifying, mitigating and responding to all types of email phishing attacks – from unintelligent signature-based threats to today’s most complex file-less campaigns mass executed using machine learning and AI.
Our introduction to the market began with IronTraps, which at the time was the first and only phishing mitigation tool capable of automatic remediation in real-time. Built on advanced machine learning algorithms, IronTraps helped simplify the growing burden on SOC teams, which had become accustomed to the daunting task of manually analyzing and prompting remediation for every single suspicious email. Since then, IronTraps has evolved to include many of the features and functionalities inherent to security, orchestration automation and response (SOAR) technology. Now, customers using our E-SOAR technology report having greatly reduced their risk of business disruption/lost productivity, credential theft or financial fraud due to phishing attacks.
Shortly after releasing IronTraps we introduced Federation, a collective detection phishing campaign tool to automatically provide advanced detection and notice of trending email phishing attacks by leveraging our entire virtual global analyst community. To this day, the security industry talks a big game about the need to decentralize threat intelligence, yet the email security industry continues to significantly lack in this area. With Federation, companies can proactively prepare for and automatically detect and respond to new phishing attacks that have already been verified by other analysts.
Finally, in response to the failures of secure email gateways against file-less phishing attacks such as business email compromise (BEC), we introduced IronSights to provide customers with advanced protection against such advanced threats. In fact, we were the first to bring automatic detection and response capabilities beyond the gateway and into the mailbox by building proprietary technology that accounts for factors like implementation level (no/full/partial) of DMARC/SPF/DKIM, sending IPs, normal communication context and other meta data in order to create a unique fingerprint for each sender.
At the end of the day, it is the automation inherent to our platform that is truly a gamechanger, since time is of the essence with phishing mitigation. As we previously wrote about, the scripts and playbooks of our competitors only masquerade as automation when in reality, security teams maintain intensive responsibility under their approaches. In contrast, our platform’s automation actually decreases the amount of phishing-specific work analysts must perform, alleviating what many consider to be their biggest daily burden.
As attackers begin to use AI to sharpen their phishing attacks and targeting capabilities, we recognized the need to empower our customers to defend and make decisions as quickly as possible. To achieve this objective, we introduced Themis in summer of 2018, email security’s first AI-powered SOC assistant. By using AI as a tool that can predict with high confidence the legitimacy of any suspicious emails, Themis can reduce the decision-making processes of busy security analysts, expediting remediation and decreasing risk. Powered by unique machine learning algorithms, Themis is constantly fed input from hundreds of thousands of verdicts conducted by human security experts located around the world, which are virtually grouped by our threat intelligence sharing module Federation. By mimicking security analyst's decision-making criteria in real-time, Themis can predict with high confidence the legitimacy of any suspicious message without assistance from security analysts.
We wouldn’t be able to brag on our innovation if weren’t confident in its capabilities or didn’t have the track-record with customers to back it up. With this mind, here are some of our key technology milestones over the past few years:
Because of our commitment to innovation and our macro approach to email security, our platform has been preventing, detecting, investigating and responding to phishing events with unprecedented machine learning capabilities and trailblazing innovations for which the industry has begun to follow
But we don’t have plans to stop innovating anytime soon, much as attackers don’t have plans to forfeit their attacks. In just a couple of weeks’ time, we’ll issue another email security industry “first” announcement that will make it even easier for security teams to review attacks and prompt remediation from anywhere and at any time. That announcement will be closely followed by a major update to our malware protection module, IronShield and the unveiling of our advanced take on pen testing.
Subscribe to our newsletter or blog to learn about all of our 2019 innovations as they happen or get started with our advanced phishing threat detection platform today.