Likelihood to Recommend Cofense PhishMe is an excellent solution for scenarios where it will be sold as a managed service. I believe that PhishMe is too expensive for many clients and instead would benefit from the economies of scale where an MSSP sells it as part of a whole service, which offers the analysts and reporting included. PhishMe is excellent for training and awareness of Phishing, but shouldn't replace mandatory training for new joiners or yearly refreshers, it should only be used as an additional training option.
Read full review Trellix (FireEye + McAfee)
It provides great web security and will protect your devices against viruses and malware when paired with other security software and hardware. For instance, we have multiple layers of security set up so if McAfee misses something then one of our other barriers will catch the infection or intrusion before it reaches the network. I would not suggest using this product as a standalone agent because I do not think it will be as effective when working by itself. The dashboard also makes it convenient to manage devices, policies, and settings from wherever you are so it's an ideal solution for any IT department to use. I would just suggest using something else as a backup so your network isn't left vulnerable.
Read full review Pros It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis. The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast. For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails. The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness. Read full review Trellix (FireEye + McAfee)
Provides high fidelity alerting. Allows CSOC analysts to perform forensic triage and alert investigations through containment from a single pane of glass. Provides alert telemetry across on-disk and in-memory attacks. Supports many additional 'bolt-on' modules to provide additional alert context or capabilities. Read full review Cons Completely switching to the new UI - Most is redesigned, but some old elements remain Ability to spoof known brands - limited in scope now and you are not allowed to use fully "convincing" campaigns that we are seeing in the wild Ability to own and manage own domains - right now adding a new company domain requires a ticket, allow us to add/verify ourselves Read full review Trellix (FireEye + McAfee)
The amount of false detections especially the negative ones needed to be reduced. It requires more optimization. It tends to make the PCs slower. It almost doesn't have the ability to heal. This is very important as we need our sensitive data to be recoverable. It doesn't have any free scanning functionality. Our users using personal machines cannot scan in case of an incident. This could be added like Malwarebytes. Read full review Usability Its built with UX in mind and is aimed at non-tech people, to ensure that almost everyone can run the campaign. But if we go deeper - sometimes you will need an HTML editor or support in order to figure out some advanced edits you might want to add in your scenarios.
Read full review Trellix (FireEye + McAfee)
Support Rating I have not had to use their support for pretty much anything. The software works well, and is very intuitive. I would imagine their support would be rather basic as there is not too much that can go wrong with a report phishing button, and if it were I would probably consider a different software.
Read full review Trellix (FireEye + McAfee)
The support of product was very good when we initially implemented the solution. We were getting fats replies and could see the customer approach. After a while the level of support was not following the SLA's and the replies were getting very confusing and late.
Read full review Online Training It's a must, even if you are never going to use the tool. Cofense aims to provide phishing training first and tool second.
Read full review Trellix (FireEye + McAfee)
Implementation Rating There are some hiccups, but there are meant to be, when you implement something in a large scale enterprise.
Read full review Trellix (FireEye + McAfee)
Alternatives Considered Cofense PhishMe was the first choice for us as the user interface as well as their bundle package with
Cofense Triage and Vision has helped the organisation to alleviate the overall security awareness posture. The other vendors did not provide a vast range of phishing scenarios as compared to Cofense PhishMe platform.
Read full review Trellix (FireEye + McAfee)
Unlike Trellix Endpoint Security Symantec Endpoint provides less information about events on the user side. Trellix give an opportunity to see information about virus detection on a user machine as quick as it possible, so we were able to catch the signs of virus propagation early and prevent the spread of damage
Read full review Return on Investment Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies. With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis. 1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget. Read full review Trellix (FireEye + McAfee)
From an auditing standpoint, we can show that our workstations/servers are protected. Even though it cant identify more advanced/targeted malware, it is still good to identify the more obvious malware which occurs daily in my enterprise. Since it can be easily deployed, the products can easily get deployed on all systems in the environment for optimal anti-malware protection. Read full review ScreenShots Cofense PhishMe Screenshots Trellix Endpoint Security ENS Screenshots