Cofense Triage Reviews and Ratings

Rating: 9.4 out of 10

Score

9.4 out of 10

Community insights

TrustRadius Insights for Cofense Triage are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.

Business Problems Solved

Cofense Triage offers a range of valuable use cases for users seeking to improve their email security. With its automated scanning and analysis capabilities, it helps users identify phishing and spam emails, reducing the risk of falling victim to cyberattacks. By integrating a button into the email platform, end users can easily report suspicious emails, increasing user reporting and further enhancing email security. This feature has been well-received by customers, who have praised its effectiveness in identifying malicious emails.

Administrators also benefit from Cofense Triage as they can set up triage and roles for employees, streamlining the process and enabling efficient threat remediation and user education. The software's comprehensive history and analysis of phishing and spamming emails are highly regarded by users as it aids in minimizing the impact of data breaches and assists in creating rules to prevent future phishing attempts.

Users appreciate the customization options provided by Cofense Triage, allowing them to create rules and recipes tailored to their specific requirements. This customization not only enhances their threat hunting skills but also automates responses, saving time and improving efficiency. Additionally, the software's ability to analyze email headers and detect suspicious emails has proven to be a valuable time-saver by presenting important information upfront and reducing the time spent on spam and benign messages.

Cofense Triage stands out with its capability to prioritize the severity of phishing emails, helping users determine which ones require immediate attention. Integration with Cofense Vision allows for quarantining these harmful emails, preventing potential harm to systems. Users have found this collaboration between the two tools particularly useful in efficiently collecting valuable information while protecting against phishing campaigns.

In terms of management capabilities, Cofense Triage excels at aggregating and organizing thousands of suspicious emails reported by employees. This centralization eases analysis processes conducted by security teams, enabling effective decision-making on remediation actions. Analysts also find value in having a centralized portal to review and respond to phishing emails, greatly enhancing their ability to document and protect against phishing campaigns.

The software's effectiveness in identifying various types of phishing attacks, including credential theft, business email compromise, malware, and social engineering, has garnered positive feedback from customers. Its ability to prevent numerous phishing campaigns by providing distinct insights into the types of emails received daily is highly appreciated.

Cofense Triage caters to users seeking efficiency in their email triage process. It allows for automatic categorization of emails and provides predefined responses based on defined criteria, saving time and improving overall productivity.

Managed service providers also find value in Cofense Triage as it enables them to efficiently triage reported emails and provide analysis for their clients. This streamlines the triage process and supports the analysis of targeted campaigns, ultimately improving the overall efficiency of their operations.

Overall, Cofense Triage serves as a reliable email security solution for both end users and administrators. By automating the scanning, analysis, and blocking of malicious emails, it helps users identify and prevent phishing and spam attacks. The software's customizable rules and recipes enhance threat hunting capabilities, while its detailed history and analysis of phishing emails aid in minimizing data breaches. With its seamless integration with the email platform and ability to prioritize severity, Cofense Triage streamlines the triage process and empowers organizations to effectively respond to phishing threats.

Reviews

38 Reviews

Cofense Triage - 2 years after

Rating: 7 out of 10

Incentivized

July 14, 2023

Use Cases and Deployment Scope

We utilize Cofense Triage platform to help us dealing with user-reported emails. Platform is automatically grouping reported emails into so-called clusters, based on sender. (This allows bulk-processing of the emails)

It also enables automatic categorization of emails based on set of predefined and custom rules which streamlines triage process.

Lastly, platform allows automatic response to be sent to the end-user based on defined criterias.

Using Cofense Triage allows us to triage a subset of incoming reports and identify real phishing cases amongst those

Pros

Grouping of incoming reports
Overview of metadata related to email, including rendered preview
Informative dashboard with quite some indicators available for selection

Cons

Product support could be better - there was an issue with some user accounts which was not resolved for a very long time
Lacking AI\ML capabilities - platform requires continuous efforts to be invested by the personnel in order to keep the quality of rules\automations high
Automatic remediation (e.g. purge of emails from mail server) of confirmed Phishing cases is not available - this is a separate product

Likelihood to Recommend

The tool is very helpful in improving Phishing detection capabilities as it streamlines the process of analyzing user reports a lot. Besides it has a built-in mechanism of rating reporters(end-users) based on their historical performance. Downside - tool requires continuous resource investment to deliver best result.

Tool is not helping too much in improving user-education, because automated response process is not immediate and is prone to errors.

Verified User

Manager in Information Technology (10,001+ employees)

Vetted Review

2 years of experience

Cofense Review - Highly recommend if within budget

Rating: 9 out of 10

Incentivized

April 12, 2023

Use Cases and Deployment Scope

I work at an MSSP where we use Cofense to manage multiple customers who send us potential phishing emails to analyze. Cofense speeds up this process by presenting important information up front. The information is organized well and it is very easy to triage and come to a determination if an email is legit or malicious. Beyond that, the automation that can be created in Cofense provides a way to easily handle noise and reduce the amount of time working through obvious spam/benign emails.

Pros

Presenting Relevant Info
Automation
Reducing Noise

Cons

Clustering is very hit or miss. Sometimes it clusters things that shouldn't be, and other times it would be nice if it clustered additional emails that weren't caught.

Likelihood to Recommend

Cofense is well suited for any security center that needs to triage a large amount of reported/suspicious emails and act on them quickly.

Verified User

Analyst in Information Technology (501-1000 employees)

Vetted Review

1 year of experience

Cofense is on top two and not number two!

Rating: 10 out of 10

Incentivized

March 14, 2023

Use Cases and Deployment Scope

I will list the product address and scope of use in one paragraph below. In my organization, we use Cofense Triage for e-mail security. Mainly Cofense Triage automates the scanning, analysis, and blocking of e-mails with malicious intent. Our end users also have the ability to manually report suspicious and potentially malicious e-mails. There is an add-in integrated into our e-mail platform/application, which is a button that end users click to report an e-mail. I receive and see all the e-mails which are reported and analyze which ones are malicious and which ones are not. From there, have an action plan.

Pros

Automated E-mail analysis.
Automated E-mail scanning.
Automated Malicious E-mail Blocking.
Reporting to administrators.

Cons

None
None
None

Likelihood to Recommend

In my experience as an administrator. Cofense generates reports of the types of e-mails which are scanned, reported, and blocked, and from there, I can present to the board the work which is automated, which gives our analysts the to focus on other issues. It is very well suited to a large business as it enforces automation and collaboration between different IT sectors in my organization. The main reason is it enforces e-mail security. There is no scenario that I can think of where Cofense Triage is less appropriate.

Derrick Mmotla

Security Specialist in Information Technology at University of Johannesburg (5001-10,000 employees)

Vetted Review

3 years of experience

View profile

Triage has been great for noise reduction

Rating: 9 out of 10

Incentivized

February 16, 2023

Use Cases and Deployment Scope

Triage has been very helpful with remediating phishing emails that hit our employees mailboxes. We are able to use the provided and customized rules to filter out legitimate emails which help our investigators save time by looking at high fidelity alerts. The simplicity of the product is also great for our end users which enables them easy access to report suspected phishing emails.

Pros

Email Reporting
customization
playbooks

Cons

updates
maintenance

Likelihood to Recommend

Cofense Triage has been great for our end users as well as our engineers and investigators. We are able to streamline phishing reports and investigate and respond in a timely manner. This allows us to stay vigilant against phishing techniques while providing a great user experience. Utilizing the provided and customizable rules allows for easy integration to existing workflows and products.

Verified User

Analyst in Information Technology (10,001+ employees)

Vetted Review

4 years of experience

Cofense Triage - Saving Time and Effort in the Fight for Accurate Phishing Detection and Response

Rating: 9 out of 10

Incentivized

December 17, 2022

Use Cases and Deployment Scope

Cofense Triage allows the analysts on our Threat Detection team the

ability to quickly review and respond to each of the reported emails by

our users. Our response rate to our employees is now 100% and we are

able to stay on top of undetected threats that come across in phishing

emails. Cofense Triage conducts the initial analysis on these emails and

tags them appropriately so that we cut down on the amount of time that

we need to spend on each one.

Pros

Groups emails of the same type together
Applies tags to emails based on rules
Allows quick and efficient responses to users

Cons

The ability to customize responses on the fly would be helpful
The ability to hover over elements in the HTML preview to get a mouseover tool tip of things like the URL (not-clickable) would be a great improvement

Likelihood to Recommend

Cofense Triage is well suited for a large enterprise environment where manually reviewing and responding to reported phishing emails would not be feasible. Cofense Triage may not be suitable for smaller organizations, as the cost-to-benefit ratio wouldn't make it a worthwhile investment.

John Devich

Senior Manager, Threat Detection at Ansys, Inc. (5001-10,000 employees)

Vetted Review

5 years of experience

Great email threat analysis tool

Rating: 8 out of 10

Incentivized

December 1, 2022

Use Cases and Deployment Scope

We use Cofense Triage to analyze emails reported from users from their email inbox. With the full scope of emails, we can then proceed to break down possible targeted campaigns towards our organization. Also, we can then give access to other teams that will further analyze the emails and classify them in different categories depending on the type of attack, such as credential phishing, malware or business email compromise.

Pros

Clear view of all emails reported
Easy classification according to playbooks
Email breakdown in URLs, attachment and HTML code

Cons

Outdated UI
Lacking better user management
Short amount of filters

Likelihood to Recommend

It is best suited for incident response and threat analysis teams, as Cofense Triage allows them to check emails reported by users in real time.

Verified User

Technician in Information Technology (5001-10,000 employees)

Vetted Review

1 year of experience

Cofense Triage from an MSSP point-of-view

Rating: 8 out of 10

Incentivized

October 11, 2022

Use Cases and Deployment Scope

We run Cofense Triage as an MSSP, offering as part of a managed service to our clients. We provide the analysts who Triage the reported emails, make decisions on their authenticity and malicious intent. Our analysts then provide feedback to the reporter and we summarize details of the overall Triage service on a regular basis. We use Triage in conjunction with Vision to provide an overall email security service.

Pros

Risk rating emails using rules.
Scoring reporters based on their performance at reporting malicious vs non-malicious emails.
Previews and rating attachments.
Integrations using APIs to allow quicker analysis of URLs.

Cons

Adding additional mailboxes which can be customised for different analysts or rules to prioritise a 'Suspected Malicious' mailbox over a 'Suspected Spam' etc. mailbox.
Recipies and Triggers appear to be an overlap and 2 features which do the same thing.
Showing comments made on a cluster in the mailbox view can often help save time, rather than entering the contents of a message to see this information.
Automatic comments on messages based on a playbook would be useful, this may be a feature that exists on new versions however.

Likelihood to Recommend

Triage is an excellent solution for analyzing, categorizing and responding to reported emails. It has a simple interface which is easy to get used to and the features can be used to semi-automate many actions, speeding up the analysis massively. This is a great platform for analyzing small to medium amount of emails (10-20 per analyst per day), however it takes quite a lot of setup of automation to make it useful for larger scale companies.

Verified User

Program Manager in Information Technology (10,001+ employees)

Vetted Review

1 year of experience

Cofense Triage is Great!

Rating: 10 out of 10

Incentivized

September 27, 2022

Use Cases and Deployment Scope

My company use Cofense Triage to identify and analyse any malicious emails that appear in employee mailboxes. This allows us to protect employees from external threats. We can use examples of these malicious emails to show employees during phishing training exercises. Cofense has helped to address the concerns of phishing emails targeting our employees. The tool is easy to use and easily adaptable to your needs.

Pros

Helps to categorise emails
Helps identify malicious emails
Easy to navigate with accessible dashboard

Cons

Include customizable categories for emails
Manual reporter score alterations
Display comments in table view

Likelihood to Recommend

Cofense triage can be used for all businesses as it is easily adaptable to your needs. It is an amazing tool to increase your cyber security defences within the business. So far this month my company have been able to identify 11 malicious emails which otherwise could have gone undetected.

Verified User

Employee in Information Technology (10,001+ employees)

Vetted Review

1 year of experience

Cofence Triage - Value for Money

Rating: 10 out of 10

Incentivized

September 27, 2022

Use Cases and Deployment Scope

To solve the phishing response system

Pros

Clusters email to prioritize them
Automated Response to Reporters
Consolidated email to proxy team
identifying who else in the organization had received the similar email

Cons

rule creations
configuring 3rd party APIs
NA

Likelihood to Recommend

- All enterprise organization who are trying to corelate emails that are missed by the SEGs should use this system

- Small organization may not need them.

Jitendera Devilal

Director in Engineering at Netpoleons (201-500 employees)

Vetted Review

20 years of experience

Threat Scope.

Rating: 10 out of 10

Incentivized

August 6, 2022

Use Cases and Deployment Scope

The system is great; it really does take the worry away of parsing through emails that may be deemed benign or not. The deployment was easy, and managing the solution was also easy; the solution integrates with other solutions, such as Cuckoo, which helps provide greater insight into URLs and attachments.

Pros

Threat Intelligence.
Reputation analysis.

Cons

More integrations.

Likelihood to Recommend

It has been well suited for parsing end-user submissions.

Verified User

Professional in Information Technology (1001-5000 employees)

Vetted Review

1 year of experience

Loading Reviews List....

Home
,
Incident Response
,
Cofense Triage
,
Reviews and Ratings

Cofense Triage - 2 years after

Rating: 7 out of 10

Incentivized

July 14, 2023

Use Cases and Deployment Scope

It also enables automatic categorization of emails based on set of predefined and custom rules which streamlines triage process.

Lastly, platform allows automatic response to be sent to the end-user based on defined criterias.

Using Cofense Triage allows us to triage a subset of incoming reports and identify real phishing cases amongst those

Pros

Grouping of incoming reports
Overview of metadata related to email, including rendered preview
Informative dashboard with quite some indicators available for selection

Cons

Product support could be better - there was an issue with some user accounts which was not resolved for a very long time
Lacking AI\ML capabilities - platform requires continuous efforts to be invested by the personnel in order to keep the quality of rules\automations high
Automatic remediation (e.g. purge of emails from mail server) of confirmed Phishing cases is not available - this is a separate product

Likelihood to Recommend

Tool is not helping too much in improving user-education, because automated response process is not immediate and is prone to errors.

Verified User

Manager in Information Technology (10,001+ employees)

Vetted Review

2 years of experience