Skip to main content
TrustRadius
Cofense Triage

Cofense Triage

Overview

What is Cofense Triage?

Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.

Read more
Recent Reviews

TrustRadius Insights

Cofense Triage offers a range of valuable use cases for users seeking to improve their email security. With its automated scanning and …
Continue reading

Threat Scope.

10 out of 10
August 06, 2022
Incentivized
The system is great; it really does take the worry away of parsing through emails that may be deemed benign or not. The deployment was …
Continue reading

Simple Yet Effective Tool

9 out of 10
July 05, 2022
We use the product to automatically triage emails reported as phishing. We receive a large number of spam emails. Cofense Triage has saved …
Continue reading

Cofense Triage Review

8 out of 10
March 01, 2022
Incentivized
During these busy IT times, there are more and more phishing emails getting delivered in our environment, Cogence Triage helps to manage …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 4 features
  • Centralized Dashboard (35)
    8.0
    80%
  • Live Response for Rapid Remediation (31)
    6.9
    69%
  • Integration with Other Security Systems (34)
    6.7
    67%
  • Attack Chain Visualization (27)
    6.6
    66%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Cofense Triage?

Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://cofense.com/pricing

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

8 people also want pricing

Alternatives Pricing

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

What is KnowBe4 PhishER?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security…

Return to navigation

Features

Incident Response Platforms

Incident response (IR) platforms guide countermeasures against a security breach and deploy preplanned, automated threat responses

7.1
Avg 8.5
Return to navigation

Product Details

What is Cofense Triage?

Cofense Triage is a phishing-specific solution for qualifying, investigating, and responding to phishing attacks. Cofense Triage integrates intelligence-driven rules to reduce the noise generated by a reporting culture and surface those threats that put an organization at risk. Playbooks enable security operations teams and threat analysts to reduce their workload by automating the analysis of and response to known events, freeing up time to investigate the latest threats to the organization. And, with a fully documented API, Cofense Triage integrates with existing security investments, including ticketing systems and SIEM and SOAR platforms.

Cofense Triage Features

Incident Response Platforms Features

  • Supported: Integration with Other Security Systems
  • Supported: Attack Chain Visualization
  • Supported: Centralized Dashboard
  • Supported: Live Response for Rapid Remediation

Additional Features

  • Supported: Extensive & regularly updated rules library to identify emerging & evolving phishing threats
  • Supported: Smart clustering to group reported emails based on threat payload
  • Supported: Noise Reduction Engine to aid classification and processing of non-malicious reported emails
  • Supported: Integration with VirusTotal and other security tools including SIEM & Threat Analysis solutions
  • Supported: Comprehensive API
  • Supported: Create Recipes to automate processing of reported emails
  • Supported: Integrate with Cofense Vision for quick-click phish threat hunting and quarantine
  • Supported: Provide feedback to users who report to support awareness programs
  • Supported: Triage Community Exchange enabling crowdsourced threat intelligence

Cofense Triage Screenshots

Screenshot of Triage DashboardScreenshot of Triage Dashboard Cluster DetailsScreenshot of Triage Cluster DetailsScreenshot of Triage Cluster Malicious AttachmentScreenshot of Triage Cluster HeadersScreenshot of Triage Reporter DetailsScreenshot of Triage Noise Custom Rules

Cofense Triage Video

Cofense Triage

Cofense Triage Integrations

  • VirusTotal
  • SIEM solutions via Syslog
  • Cisco Umbrella Investigate
  • Lastline Analyst
  • Palo Alto Wildfire
  • Cuckoo Sandbox
  • ServiceDesk solutions via Email

Cofense Triage Competitors

Cofense Triage Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux, Mac, Linux virtual appliance
Mobile ApplicationNo
Supported CountriesGlobal
Supported LanguagesEnglish

Cofense Triage Downloadables

Frequently Asked Questions

Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.

Agari Phishing Response, KnowBe4 PhishER, and Avanan are common alternatives for Cofense Triage.

Reviewers rate Centralized Dashboard highest, with a score of 8.

The most common users of Cofense Triage are from Enterprises (1,001+ employees).

Cofense Triage Customer Size Distribution

Consumers0%
Small Businesses (1-50 employees)1%
Mid-Size Companies (51-500 employees)13%
Enterprises (more than 500 employees)86%
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(70)

Community Insights

TrustRadius Insights are summaries of user sentiment data from TrustRadius reviews and, when necessary, 3rd-party data sources. Have feedback on this content? Let us know!

Cofense Triage offers a range of valuable use cases for users seeking to improve their email security. With its automated scanning and analysis capabilities, it helps users identify phishing and spam emails, reducing the risk of falling victim to cyberattacks. By integrating a button into the email platform, end users can easily report suspicious emails, increasing user reporting and further enhancing email security. This feature has been well-received by customers, who have praised its effectiveness in identifying malicious emails.

Administrators also benefit from Cofense Triage as they can set up triage and roles for employees, streamlining the process and enabling efficient threat remediation and user education. The software's comprehensive history and analysis of phishing and spamming emails are highly regarded by users as it aids in minimizing the impact of data breaches and assists in creating rules to prevent future phishing attempts.

Users appreciate the customization options provided by Cofense Triage, allowing them to create rules and recipes tailored to their specific requirements. This customization not only enhances their threat hunting skills but also automates responses, saving time and improving efficiency. Additionally, the software's ability to analyze email headers and detect suspicious emails has proven to be a valuable time-saver by presenting important information upfront and reducing the time spent on spam and benign messages.

Cofense Triage stands out with its capability to prioritize the severity of phishing emails, helping users determine which ones require immediate attention. Integration with Cofense Vision allows for quarantining these harmful emails, preventing potential harm to systems. Users have found this collaboration between the two tools particularly useful in efficiently collecting valuable information while protecting against phishing campaigns.

In terms of management capabilities, Cofense Triage excels at aggregating and organizing thousands of suspicious emails reported by employees. This centralization eases analysis processes conducted by security teams, enabling effective decision-making on remediation actions. Analysts also find value in having a centralized portal to review and respond to phishing emails, greatly enhancing their ability to document and protect against phishing campaigns.

The software's effectiveness in identifying various types of phishing attacks, including credential theft, business email compromise, malware, and social engineering, has garnered positive feedback from customers. Its ability to prevent numerous phishing campaigns by providing distinct insights into the types of emails received daily is highly appreciated.

Cofense Triage caters to users seeking efficiency in their email triage process. It allows for automatic categorization of emails and provides predefined responses based on defined criteria, saving time and improving overall productivity.

Managed service providers also find value in Cofense Triage as it enables them to efficiently triage reported emails and provide analysis for their clients. This streamlines the triage process and supports the analysis of targeted campaigns, ultimately improving the overall efficiency of their operations.

Overall, Cofense Triage serves as a reliable email security solution for both end users and administrators. By automating the scanning, analysis, and blocking of malicious emails, it helps users identify and prevent phishing and spam attacks. The software's customizable rules and recipes enhance threat hunting capabilities, while its detailed history and analysis of phishing emails aid in minimizing data breaches. With its seamless integration with the email platform and ability to prioritize severity, Cofense Triage streamlines the triage process and empowers organizations to effectively respond to phishing threats.

Attribute Ratings

Reviews

(1-25 of 38)
Companies can't remove reviews or game the system. Here's why
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Grouping of incoming reports
  • Overview of metadata related to email, including rendered preview
  • Informative dashboard with quite some indicators available for selection
  • Product support could be better - there was an issue with some user accounts which was not resolved for a very long time
  • Lacking AI\ML capabilities - platform requires continuous efforts to be invested by the personnel in order to keep the quality of rules\automations high
  • Automatic remediation (e.g. purge of emails from mail server) of confirmed Phishing cases is not available - this is a separate product
March 03, 2023

Love Triage

Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Provides a safe environment for investigation of potentially malicious emails
  • Ability to automate responses to reported emails
  • Makes reading of headers and attachments easy
  • Ability to leave a comment across clusters
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Groups emails of the same type together
  • Applies tags to emails based on rules
  • Allows quick and efficient responses to users
  • The ability to customize responses on the fly would be helpful
  • The ability to hover over elements in the HTML preview to get a mouseover tool tip of things like the URL (not-clickable) would be a great improvement
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Clear view of all emails reported
  • Easy classification according to playbooks
  • Email breakdown in URLs, attachment and HTML code
  • Outdated UI
  • Lacking better user management
  • Short amount of filters
Score 8 out of 10
Vetted Review
Verified User
  • Risk rating emails using rules.
  • Scoring reporters based on their performance at reporting malicious vs non-malicious emails.
  • Previews and rating attachments.
  • Integrations using APIs to allow quicker analysis of URLs.
  • Adding additional mailboxes which can be customised for different analysts or rules to prioritise a 'Suspected Malicious' mailbox over a 'Suspected Spam' etc. mailbox.
  • Recipies and Triggers appear to be an overlap and 2 features which do the same thing.
  • Showing comments made on a cluster in the mailbox view can often help save time, rather than entering the contents of a message to see this information.
  • Automatic comments on messages based on a playbook would be useful, this may be a feature that exists on new versions however.
September 27, 2022

Cofense Triage is Great!

Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Helps to categorise emails
  • Helps identify malicious emails
  • Easy to navigate with accessible dashboard
  • Include customizable categories for emails
  • Manual reporter score alterations
  • Display comments in table view
Score 9 out of 10
Vetted Review
Verified User
  • Automation using YARA
  • Clustering
  • Pulling IOCs
  • Custom responses
  • Comments when reporting an email from Microsoft Outlook
  • Open source intelligence integration
  • Auto-pulling emails
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Processed reports by type of emails which came during the day
  • Process reports by category (Non-malicious, spam, malware, fraud )
  • Average time to process a report
  • Cofense Intelligence rules
  • Improvement for email parsing like there are many parameters where the emails go through but sometimes they fail and becomes unparsed and the emails get into a pending state
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Overview of all reported mails.
  • Customizable feedback towards reporter flexibility
  • Customizable Quick action menu
  • Integration with other tooling
  • Rules & recipies
  • Analyzing a mail is made easy due to the way the views are setup for the analyst
  • Analyzing attachments is a bit cumbersome
December 19, 2021

Cofense Triage Review

Score 10 out of 10
Vetted Review
Verified User
  • Reported email processing
  • Email management
  • Email categorization
  • Extensive reporting
  • Blocking phishing emails
  • Inline content filtering
Nishant Aggarwal | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Email Header Analysis and severity prioritization.
  • Intel fetch for the latest threats in the wild.
  • Auto Quarantine mails after integration with Cofense Vision.
  • User Interface.
  • Rule making should be in high level language.
  • Integration with SOAR.
Score 4 out of 10
Vetted Review
Verified User
Incentivized
  • Separating links and attachments contained in the email, and checking to see if they are known malicious.
  • Clustering like emails to save time when responding.
  • Providing risks scores with each cluster to give an estimate on which clusters should be addressed first.
  • plugin regularly disappears from outlook and is not available on all mobile platforms
  • UI updates tend to make the Triage page look nicer at first glance, but have often caused it to be more clunky and harder to use.
  • Lacks some features such as being able to send one off responses to submitted emails instead of just canned responses.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Extraction of IOCs
  • Rules and recipes for automation.
  • Assist triage
  • API could be further improved for integration with other tools.
  • Improve Splunk Phantom App for two way communication.
  • Enable Catch a Phish support in the latest Mac OS (Catalina).
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Cluster email reports from users.
  • Respond to users.
  • Whitelist known benign emails.
  • I would not consider Cofense Triage a full IR/investigation tool. The reporting is limited; you can't have analysts assign clusters like queues and cannot categorize outcomes. For instance, if you categorize something as credential theft you cannot add notes or anything indicating whether that attempt was successful.
August 20, 2021

Cofense Triage Review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Breaks down emails in a safe way for analysis.
  • Sends responses to reporters about their reported emails.
  • Breaks down metrics of what types of emails are reported every month.
  • Easier searching & reporting.
  • Ability to integrate with ticketing system.
Return to navigation