Features to Fight Phishing
Custom Domain Generation
We generate domains similar to yours based on:
- Your industry, users location.
- Your employees habits, business practices.
- Empiric phishing practices.
- Custom keyword list provided by you.
Each generation method is combined with all others to cover a
complete map of all possible combinations:
homoglyph TLD swap custom prefixes typo squatting industry lingo hyphenation replacement vowel-swap insertion custom suffixes letter-digit swap bitsquatting repetition transposition
Once generated, all domains are scanned continuously, several times every hour.
We record 50+ data points per domain over DNS records AS records IP records Whois records HTTP server WAF setup Email setup SSL config HTML content
Per-Domain Telemetry Data
We save raw data at each scan to be able to replay impersonation attacks.
Postmortem forensic analysis can then be performed to understand how impersonation attacks are deployed.
Each suspicious domain is assigned a threat score.
Our scoring mecanism is grounded in recent academic research.
Threat alerts can be sent to your team over several media: Email Webhook Slack CSV Export API
Support for Incident Response Platforms is planned. Get in touch for custom solutions.
When a phishing threat is detected we send you the exact information you need to take it down — at each level.
We will help you to notify the Web server, WAF, and email services providers used by the impersonators.
False Positive Management
Sometimes a handful of domains scanned will be other legitimate businesses. Sometimes they will be domains your company bought proactively.
Our platform allows for manual annotation for each domain, avoiding cases of false positives.