Content

IRONSCALES

IRONSCALES offers an advanced phishing threat protection platform broken into three sections. It seamlessly integrates with G-Suite and Microsoft Office 365 environments for organizations looking to bolster anti-phishing and email security as well as protect on-premises environments. It can cluster polymorphic attacks and remediate them based on the attack itself, not just the sender.

IronShield automates malicious URL and attachment detection and remediation on all inbound emails using external trusted sources with various sandboxing capabilities. If a suspicious email is identified, it is sent to a third-party. If it comes back as malicious, it is blocked, and the response is automated. Phishing Mitigation displays a high-level breakdown of how many incidents were discovered, how many of those were marked as phishing, and how many emails have been remediated. It also shows a breakdown of impersonation attempts, phishing attacks, false positives and spam.

IronSights is the business email compromise protection component against new unknowns, impersonation attempts and more. If there are no signatures to match, it looks for imitation attempts and domain look-a-likes. If the scanner detects an email as suspicious but is not certain, it flags it. This helps mitigate false positives. To that end, it uses metadata and user’s habits to build a behavioral profile for baseline reference to flag anomalous behaviors. Sender fingerprinting technology considers implementation level of DMARC/SPF/DKIM, sending IPs, normal communication context, and other metadata to build a unique fingerprint for each sender. Any deviation from the norm will be detected immediately and flagged inside the mailbox through InMail banner alerts. 

Instead of having to forward an email to a security team or open a help ticket, users can consistently report emails with the click of a button. No installation is required. It is pushed from Office 365 to all versions of Outlook. Mobile compatible, it has the same banner features and reporting button. This is currently available for native applications with Android.At the time this review was written, iOS was in development.

IronTraps initiates a workflow of events that essentially does auto-triage with Themis, an AI-driven, virtual security analyst. Machine learning algorithms learned how analysts react to different types of threats, and Themis gives a confidence level to the incident level classification and prioritizes any reported incidents. This prioritization is based on things like how many people reported an incident, number of mailboxes affected, and if it included links and attachments. The goal is to automate and offload as many tasks as possible from the security team’s workload. This allows them to free up time to work on tasks that can’t be automated, so bubbling up highest risk incidents allows security teams to respond as quickly as possible. Users can set a confidence threshold to automate remediation when an attack is identified, or is above a certain confidence level.

Federation is a global, real-time threat intelligence surface shared among organizations that closes on campaigns faster than scanners by sharing of verdicts in realtime.

Multilingual banners are supported and fully customizable. Pricing starts at $3 per month, per mailbox for the full suite.

Tested by Matthew McMurrayk

Product title
IRONSCALES
Product info
Vendor: IRONSCALES Price: $3 per month/per mailbox Contact: ironscales.com
Strength
An effective multi-layered combination of advanced threat protection, end-user intervention, worldwide collaboration, and predictive AI.
Weakness
None that we found.
Verdict
The combination of scanning inbound emails for known and unknown threats, using machine learning to generate behavioral fingerprints of end-users, and capitalizing on the combined efforts of human analysts and AI to respond to incidents creates an efficient and adaptive platform for phishing detection and mitigation. IRONSCALES is a solid solution that will compliment any security stack.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.