We wanted to share a few key details about our latest release, which is now available.
Additional Themis insights
Our customers’ security analysts have been asking for more details about the Themis Confidence percentage and why she is classifying emails in the way she does. With this release, customer security teams will now receive greater detail about why our machine learning models have classified an email as Phishing, Spam or Safe.
Large cluster review for potential false positives
When our platform identifies a potential widespread phishing attack across multiple email inboxes, our clustering technology automatically groups emails with similar characteristics together into a new or existing cluster and removes them from all user inboxes out of an abundance of caution. Emails that are misclassified as phishing by either users or Themis can on a rare occasion cause the creation of a new cluster containing legitimate emails.
In the rare instance that this misclassification/false positive situation occurs, this release adds a new feature that alerts the customer’s security team when a large and growing number of emails have started to be automatically grouped together into a cluster and removed from user inboxes. They can then review the emails and decide which (if any) are legitimate and need to be returned to their end users. If the security team feels that Themis is misclassifying the emails the customer can let the IRONSCALES teams know. The IRONSCALES team will then research the situation for the customer.
For more information, please visit us at www.ironscales.com.