#1 most frequent
United States of America
71.0%22 installations of 31
What is Cofense PhishMe?
Cofense PhishMe is a cyber threat and phishing simulator meant to be of use in training employees to be wary against threats and also to gain information about general employee threat knowledge and preparedness. A free trial is available for small business.
Categories & Use Cases
Media
1 / 5
Screenshot of Image 1 – Board of Directors (BOD) report showcasing results of your phishing defense program
Top Performing Features
Role-based user permissions
Permissions to perform actions or access or modify data are assigned to roles, which are then assigned to users, reducing complexity of administration.
Category average: 8.8
Security Reporting
Reports available may include statistics on phishing simulations, training completion, etc.
Category average: 8.6
Industry-Specific Security Training
Security training can be tailored based on industry-specific requirements, such as HIPAA, PCI DSS, GDPR, etc.
Category average: 7.8
Areas for Improvement
Multilingual Training Content
Training content is available in multiple languages.
Category average: 8.5
Training Gamification
Training content is available in a gamified format.
Category average: 7.8
Individualized Security Training Plans
Training can be tailored to individual employees based on previous training, role, or assessed vulnerability.
Category average: 8.3
Who Buys & Uses Cofense PhishMe
#2 most frequent
Canada
9.7%3 installations of 31
#3 most frequent
Germany
6.5%2 installations of 31
The Most Comprehensive phishing system in the world.
Use Cases and Deployment Scope
We are using Cofense frequently to report phishing mail. It is addressing resolving reporting issues before the user reporting is very difficult and it will take time; now, it is easy to report and find the malware, but it is very time-consuming. Cofense is very helpful for auto categorizations, so it will save lots of time.
Pros
- Creating the Rule for know emails.
- Sending notification is very useful to forward the request to SOC team for analyzing.
- Running play book is very useful and easy to resolve the issue.
Cons
- In the matches we need more details.
- Creating rules is very difficult.
- YARA rules are not understandable.
Most Important Features
- Report Phishing.
- Categorize the mail.
- Sending notification.
- Run play book.
- Creating rules for know thread and know legitimated mail.
Return on Investment
- it is very useful product.
- I recommend to purchase, it is more value then what your paying.
- Overall it is improving the reputation of the company.
Alternatives Considered
Proofpoint Security Awareness Training, Infosec IQ, SANS Security Awareness Training and Lucy Security
Other Software Used
VirusTotal, Lastline, LogRhythm NextGen SIEM Platform
Cofense [PhishMe] at a Glance
Use Cases and Deployment Scope
[Cofense PhishMe] is used at Express for security awareness, security education, and protection of the organization from bad actors that are persistent and relentless in the pursuit of attacking the organization from the storefront, back office, and the C-suite.
Pros
- Education
- Filtering know bad.
- Responding to the reporter.
Cons
- Threat Intel API feeds.
- Sandbox
- User generated reporting.
Return on Investment
- Auditable training solutions.
- Constant filtering.
- Ease of use.
Other Software Used
Cisco Cloud Email Security, Microsoft 365 (formerly Office 365), BlackBerry Optics (CylanceOPTICS), BlackBerry Protect (CylancePROTECT)
Phishing simulation with a small team for a big company
Use Cases and Deployment Scope
In the past, we were using it only on a quarterly basis as a benchmark type of activity. Nowadays, we are offering Phishing Simulation as a service to our departments and we are slowly getting to 1 big Q exercise (250k people) and 3-4 monthly ones (anywhere from 50 to 5k users).
Pros
- Friendly UX.
- Huge selection of phishes.
- Ability to customize.
Cons
- Web version support - sometimes it's too laggy.
- Upload/download rate for results and recipient lists.
Return on Investment
- CIRT now has a great dataset of simulations that we ran, with some interesting metrics.
- Business leaders now view phishing defense as a metric they want to improve.
Other Software Used
SANS Advanced Cybersecurity Learning Platform, Microsoft Yammer, Microsoft Excel
Usability
PhishMe for Analyst
Pros
- It gives clear-cut segregation of different parts of an email, header, text and HTML body, URL, attachments, HTML preview and some analytical insight like "similar reports." This distinctive approach actually helps reduce data overload during an analysis.
- The URLs captured here pass through an automatic reputation check [in our case VirusTotal] and add a tag of the reputation. If it is a well-known bad URL the tag helps us take the decision fast.
- For creating automation rules on the reported emails the "Recipes" section is really helpful. We can create easy recipes [or rules ] to handle a huge flow of reports and also we can create more sophisticated rules depending on the Cyber intelligence feed to catch the really bad currently less known attack attempts by malicious emails.
- The "Threat Indicators" section is also useful to use as a threat intelligence source to check the URLs for their maliciousness.
Cons
- Need to add more OSINT APIs to check the reputation of embedded URLs and the hash of attached files.
- "Screen Capture" of the embedded URL links [after clicking on the embedded URL where the URL takes the user] will be really helpful for triaging basic credential harvesting attack scenarios.
- Integration of ProofPoint email gateway to Phishme triage will help us determine the number of email flow from a suspicious sender. This will reduce the requirement of opening another console just to check the number of emails from a particular sender.
Return on Investment
- From a normal user's perspective, it's an easy and fast, very very user-friendly phishing email reporting structure. No need to remember any email address, no need for sophisticated handling of malicious emails while sending/ reporting. Just a click and it is done.
- From the admin and analyst point of view: Easy and clutter-free triaging pane, IOC reputation check facility, Rules and Recipes section for automation and focused triaging, Notification to the reporter based on the triaging done is really a helpful feedback loop.
- Overall: Simple to handle, less learning curve, well managed, less administration time, fewer issues, less maintenance time.
Other Software Used
CrowdStrike Falcon Endpoint Protection, Splunk Enterprise Security (SIEM), RSA NetWitness Orchestrator, Exabeam Fusion, Symantec Data Loss Prevention, Palo Alto Networks Cortex XSOAR (formerly Demisto), Palo Alto Networks Next-Generation Firewalls - PA Series, Titanium Cloud, Zscaler Internet Access, Zscaler Private Access, Amazon GuardDuty, Palo Alto Networks Prisma SaaS (formerly Aperture), Palo Alto Networks Prisma Cloud, Cisco Firepower 1000 Series
Product review: Cofense PhishMe
Use Cases and Deployment Scope
We are using the Cofense PhishMe solution to send phishing scenarios and we are getting great results and great views in the console. The platform is easy to use and has a lot of resources. We are also using targeted scenarios from the module. Also, the LMS module provides great value to organizations as they have generalized security modules and also have gamification modules for security awareness programs. The platform is user-friendly and does not require training to use the platform. I was able to use it without any prior training. I am able to perform all phishing scenarios from the user-friendly console.
Pros
- Learning
- Phishing scenerios
- Awareness letters
Cons
- New content
- Innovative
- Resources for training
Return on Investment
- Good product
- You will get what you paid for.
- Nice resources
Other Software Used
Awake Security Platform, RSA NetWitness Logs, Barracuda Cloud Security Guardian
