Skip to main content
TrustRadius
Cofense Triage

Cofense Triage

Overview

What is Cofense Triage?

Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.

Read more
Recent Reviews

TrustRadius Insights

Cofense Triage offers a range of valuable use cases for users seeking to improve their email security. With its automated scanning and …
Continue reading

Threat Scope.

10 out of 10
August 06, 2022
Incentivized
The system is great; it really does take the worry away of parsing through emails that may be deemed benign or not. The deployment was …
Continue reading

Simple Yet Effective Tool

9 out of 10
July 05, 2022
We use the product to automatically triage emails reported as phishing. We receive a large number of spam emails. Cofense Triage has saved …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 4 features
  • Centralized Dashboard (35)
    8.0
    80%
  • Live Response for Rapid Remediation (31)
    7.0
    70%
  • Integration with Other Security Systems (34)
    6.8
    68%
  • Attack Chain Visualization (27)
    6.7
    67%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Cofense Triage?

Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.

Entry-level set up fee?

  • Setup fee optional
For the latest information on pricing, visithttps://cofense.com/pricing

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

8 people also want pricing

Alternatives Pricing

What is KnowBe4 PhishER?

PhishER is presented as a lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate threat response and manage the high volume of potentially malicious email messages reported by users. And, with automatic prioritization of emails, PhishER helps InfoSec and Security…

What is CrowdStrike Falcon?

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no…

Return to navigation

Features

Incident Response Platforms

Incident response (IR) platforms guide countermeasures against a security breach and deploy preplanned, automated threat responses

7.1
Avg 8.5
Return to navigation

Product Details

What is Cofense Triage?

Cofense Triage is a phishing-specific solution for qualifying, investigating, and responding to phishing attacks. Cofense Triage integrates intelligence-driven rules to reduce the noise generated by a reporting culture and surface those threats that put an organization at risk. Playbooks enable security operations teams and threat analysts to reduce their workload by automating the analysis of and response to known events, freeing up time to investigate the latest threats to the organization. And, with a fully documented API, Cofense Triage integrates with existing security investments, including ticketing systems and SIEM and SOAR platforms.

Cofense Triage Features

Incident Response Platforms Features

  • Supported: Integration with Other Security Systems
  • Supported: Attack Chain Visualization
  • Supported: Centralized Dashboard
  • Supported: Live Response for Rapid Remediation

Additional Features

  • Supported: Extensive & regularly updated rules library to identify emerging & evolving phishing threats
  • Supported: Smart clustering to group reported emails based on threat payload
  • Supported: Noise Reduction Engine to aid classification and processing of non-malicious reported emails
  • Supported: Integration with VirusTotal and other security tools including SIEM & Threat Analysis solutions
  • Supported: Comprehensive API
  • Supported: Create Recipes to automate processing of reported emails
  • Supported: Integrate with Cofense Vision for quick-click phish threat hunting and quarantine
  • Supported: Provide feedback to users who report to support awareness programs
  • Supported: Triage Community Exchange enabling crowdsourced threat intelligence

Cofense Triage Screenshots

Screenshot of Triage DashboardScreenshot of Triage Dashboard Cluster DetailsScreenshot of Triage Cluster DetailsScreenshot of Triage Cluster Malicious AttachmentScreenshot of Triage Cluster HeadersScreenshot of Triage Reporter DetailsScreenshot of Triage Noise Custom Rules

Cofense Triage Video

Cofense Triage

Cofense Triage Integrations

  • VirusTotal
  • SIEM solutions via Syslog
  • Cisco Umbrella Investigate
  • Lastline Analyst
  • Palo Alto Wildfire
  • Cuckoo Sandbox
  • ServiceDesk solutions via Email

Cofense Triage Competitors

Cofense Triage Technical Details

Deployment TypesOn-premise, Software as a Service (SaaS), Cloud, or Web-Based
Operating SystemsWindows, Linux, Mac, Linux virtual appliance
Mobile ApplicationNo
Supported CountriesGlobal
Supported LanguagesEnglish

Cofense Triage Downloadables

Frequently Asked Questions

Cofense Triage accelerates phishing qualification, investigation, and response by automating standard responses to suspicious emails to make analysts more efficient and driving out actionable intelligence, and providing incident response playbook.

Agari Phishing Response, KnowBe4 PhishER, and Avanan are common alternatives for Cofense Triage.

Reviewers rate Centralized Dashboard highest, with a score of 8.

The most common users of Cofense Triage are from Enterprises (1,001+ employees).

Cofense Triage Customer Size Distribution

Consumers0%
Small Businesses (1-50 employees)1%
Mid-Size Companies (51-500 employees)13%
Enterprises (more than 500 employees)86%
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(70)
Loading...

Attribute Ratings

Reviews

(1-25 of 38)
Companies can't remove reviews or game the system. Here's why
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Grouping of incoming reports
  • Overview of metadata related to email, including rendered preview
  • Informative dashboard with quite some indicators available for selection
  • Product support could be better - there was an issue with some user accounts which was not resolved for a very long time
  • Lacking AI\ML capabilities - platform requires continuous efforts to be invested by the personnel in order to keep the quality of rules\automations high
  • Automatic remediation (e.g. purge of emails from mail server) of confirmed Phishing cases is not available - this is a separate product
March 03, 2023

Love Triage

Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Provides a safe environment for investigation of potentially malicious emails
  • Ability to automate responses to reported emails
  • Makes reading of headers and attachments easy
  • Ability to leave a comment across clusters
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Groups emails of the same type together
  • Applies tags to emails based on rules
  • Allows quick and efficient responses to users
  • The ability to customize responses on the fly would be helpful
  • The ability to hover over elements in the HTML preview to get a mouseover tool tip of things like the URL (not-clickable) would be a great improvement
Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Clear view of all emails reported
  • Easy classification according to playbooks
  • Email breakdown in URLs, attachment and HTML code
  • Outdated UI
  • Lacking better user management
  • Short amount of filters
Score 8 out of 10
Vetted Review
Verified User
  • Risk rating emails using rules.
  • Scoring reporters based on their performance at reporting malicious vs non-malicious emails.
  • Previews and rating attachments.
  • Integrations using APIs to allow quicker analysis of URLs.
  • Adding additional mailboxes which can be customised for different analysts or rules to prioritise a 'Suspected Malicious' mailbox over a 'Suspected Spam' etc. mailbox.
  • Recipies and Triggers appear to be an overlap and 2 features which do the same thing.
  • Showing comments made on a cluster in the mailbox view can often help save time, rather than entering the contents of a message to see this information.
  • Automatic comments on messages based on a playbook would be useful, this may be a feature that exists on new versions however.
September 27, 2022

Cofense Triage is Great!

Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Helps to categorise emails
  • Helps identify malicious emails
  • Easy to navigate with accessible dashboard
  • Include customizable categories for emails
  • Manual reporter score alterations
  • Display comments in table view
Score 9 out of 10
Vetted Review
Verified User
  • Automation using YARA
  • Clustering
  • Pulling IOCs
  • Custom responses
  • Comments when reporting an email from Microsoft Outlook
  • Open source intelligence integration
  • Auto-pulling emails
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Processed reports by type of emails which came during the day
  • Process reports by category (Non-malicious, spam, malware, fraud )
  • Average time to process a report
  • Cofense Intelligence rules
  • Improvement for email parsing like there are many parameters where the emails go through but sometimes they fail and becomes unparsed and the emails get into a pending state
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Overview of all reported mails.
  • Customizable feedback towards reporter flexibility
  • Customizable Quick action menu
  • Integration with other tooling
  • Rules & recipies
  • Analyzing a mail is made easy due to the way the views are setup for the analyst
  • Analyzing attachments is a bit cumbersome
December 19, 2021

Cofense Triage Review

Score 10 out of 10
Vetted Review
Verified User
  • Reported email processing
  • Email management
  • Email categorization
  • Extensive reporting
  • Blocking phishing emails
  • Inline content filtering
Nishant Aggarwal | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Incentivized
  • Email Header Analysis and severity prioritization.
  • Intel fetch for the latest threats in the wild.
  • Auto Quarantine mails after integration with Cofense Vision.
  • User Interface.
  • Rule making should be in high level language.
  • Integration with SOAR.
Score 4 out of 10
Vetted Review
Verified User
Incentivized
  • Separating links and attachments contained in the email, and checking to see if they are known malicious.
  • Clustering like emails to save time when responding.
  • Providing risks scores with each cluster to give an estimate on which clusters should be addressed first.
  • plugin regularly disappears from outlook and is not available on all mobile platforms
  • UI updates tend to make the Triage page look nicer at first glance, but have often caused it to be more clunky and harder to use.
  • Lacks some features such as being able to send one off responses to submitted emails instead of just canned responses.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
  • Extraction of IOCs
  • Rules and recipes for automation.
  • Assist triage
  • API could be further improved for integration with other tools.
  • Improve Splunk Phantom App for two way communication.
  • Enable Catch a Phish support in the latest Mac OS (Catalina).
Score 7 out of 10
Vetted Review
Verified User
Incentivized
  • Cluster email reports from users.
  • Respond to users.
  • Whitelist known benign emails.
  • I would not consider Cofense Triage a full IR/investigation tool. The reporting is limited; you can't have analysts assign clusters like queues and cannot categorize outcomes. For instance, if you categorize something as credential theft you cannot add notes or anything indicating whether that attempt was successful.
August 20, 2021

Cofense Triage Review

Score 8 out of 10
Vetted Review
Verified User
Incentivized
  • Breaks down emails in a safe way for analysis.
  • Sends responses to reporters about their reported emails.
  • Breaks down metrics of what types of emails are reported every month.
  • Easier searching & reporting.
  • Ability to integrate with ticketing system.
Return to navigation