Cofense PhishMe Review: Gone Phishing!
Updated December 27, 2021
Cofense PhishMe Review: Gone Phishing!
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Cofense PhishMe
[Cofense] PhishMe is being used by our department in an organization-wide effort to combat our #1 Attack Vector. [Cofense] PhishMe is able to address the queue and automation of submitted emails from our users. [Cofense] PhishMe also address the necessary information needed from emails submitted by parsing accurate and relevant information in our analysts' view.
Pros
- Recipe and rule matching [...] enables an advanced method to target, filter, and take quicker action on suspicious emails.
- Clustering similar events [...] organize and save time on MTTD and MTTr for incidents and intervention.
- Parsing critical information such as IPs, Email addresses, and URLs to help aggregate all the information into 1 single pane.
- Email and HTML preview allow ease of visibility without having to download or find/fetch the original content.
Cons
- Many of the URLs come in with an unknown reputation and although it may be challenging from threat intel feeds, somehow allowing a more in-depth analysis of the URL can provide better/quicker decision making or validation.
- Adjustable widgets for reporting, although the provided are already built very well.
- Provide in-house templates or summaries of actionable items, such as a single brief on a major phish.
- Recipes in the system are capable of handling almost 2x what an analyst does, which cuts down the efforts [of] an analyst and provides more time for accurate strategies.
- With roughly 90% false positives coming through, the remaining 10% of true positives need as much attention as they can get for the full investigation and analysis.
- 1,500 or more phishing messages can come through in a given week and the amount of time/employees required to review this without a tool like Cofense is surely beyond [the] expected/anticipated budget.
Cofense PhishMe is a very usable and customizable suite and compared to a previous product, it's hard to go back. After using [Cofense] PhishMe, I don't want to look for another product since the features are rich and the usability is relatively straightforward. Information and intel are easy [to] parse out, and all of the artifacts are available from one screen.
Do you think Cofense PhishMe delivers good value for the price?
Yes
Are you happy with Cofense PhishMe's feature set?
Yes
Did Cofense PhishMe live up to sales and marketing promises?
Yes
Did implementation of Cofense PhishMe go as expected?
I wasn't involved with the implementation phase
Would you buy Cofense PhishMe again?
Yes
Comments
Please log in to join the conversation