SlashNext, a leading provider of real-time anti-phishing and incident response solutions, announced an automated phishing incident response (IR) and threat hunting solution with accurate, run-time analysis of suspicious URLs on-demand and at scale. SlashNext URL Analysis & Enrichment is purpose-built for IT security teams, security vendors, MSSPs, and MDRs to add automated phishing URL analysis to phishing IR playbooks, network log threat hunting, and more.
“With security, teams stretched thin and drowning in alerts, they need more efficient ways to identify and respond to genuine threats,” said Atif Mushtaq, CEO, and founder of SlashNext. “Our URL analysis and enrichment service detect phishing threats, including those previously unknown, with unmatched precision. This enables teams to increase their automated detection and incident response capabilities with fewer resources.”
Increased cyber awareness training and single-click reporting of suspicious emails by users have created a new problem for Security Ops Center (SOC) and Incident Response (IR) teams – effectively managing a growing abuse inbox with limited resources. Automating URL analysis with SOAR playbooks can save huge amounts of time and resources, but much available threat feeds and URL lookup services still have shortcomings. The biggest problems include the return of false negatives on newer threats and for phishing pages on compromised websites. Other barriers involve URL obfuscation techniques, redirects, and multi-stage attacks, along with fake log-in pages and inconclusive threat risk scores rather than accurate, definitive results.
SlashNext now provides SOC and IR teams with a scalable, cloud-based solution that is purpose-built for accurate, definitive results and enrichment to speed the execution of phishing IR playbooks, analysis, and reporting. In combination with pre-built integration apps for leading SOAR platforms, SlashNext can dramatically reduce the time, effort, and cost of phishing IR.
Benefits of the SlashNext URL Analysis for Phishing Incident Response solution include:
- Reducing the time and cost needed to research suspicious URLs.
- Increasing productivity by freeing up IR teams from performing costly manual research.
- Decreasing the workload and risk associated with finding false negatives and false positives.
- Improving security with prompt identifications and incident responses for genuine phishing emails.
URL Analysis & Enrichment is also easily accessed via integration apps with leading vendors for Security Orchestration, Automation and Response (SOAR), Security Information and Event Management (SIEM), and Threat Intelligence Platforms (TIP), including ThreatConnect, Cortex XSOAR (previously Demisto), Splunk Phantom, Anomali and more. This network includes global hardware sensors that inspect millions of daily Internet transactions in real-time. The system also incorporates spam traps and real-time certificate transparency logs to root out suspicious ad networks and passive Domain Name System (DNS) sensors.