Features to Fight Phishing
IDENTIFY
Custom Domain Generation
We generate domains similar to yours based on:
- Your industry, users location.
- Your employees habits, business practices.
- Empiric phishing practices.
- Custom keyword list provided by you.
Complete Mixing
Each generation method is combined with all others to cover a
complete map of all possible combinations:
homoglyph
TLD swap
custom prefixes
typo squatting
industry lingo
hyphenation
replacement
vowel-swap
insertion
custom suffixes
letter-digit swap
bitsquatting
repetition
transposition
PROTECT
Continuous Monitoring
Once generated, all domains are scanned continuously, several times every hour.
We record 50+ data points per domain over DNS records AS records IP records Whois records HTTP server WAF setup Email setup SSL config HTML content
Per-Domain Telemetry Data
We save raw data at each scan to be able to replay impersonation attacks.
Postmortem forensic analysis can then be performed to understand how impersonation attacks are deployed.
DETECT
Threat Detection
Each suspicious domain is assigned a threat score.
Our scoring mecanism is grounded in recent academic research[1].
Threat Alerting
Threat alerts can be sent to your team over several media: Email Webhook Slack CSV Export API
Support for Incident Response Platforms is planned. Get in touch for custom solutions.
RESPOND
Actionable Takedown
When a phishing threat is detected we send you the exact information you need to take it down — at each level.
We will help you to notify the Web server, WAF, and email services providers used by the impersonators.
False Positive Management
Sometimes a handful of domains scanned will be other legitimate businesses. Sometimes they will be domains your company bought proactively.
Our platform allows for manual annotation for each domain, avoiding cases of false positives.