Cofense Triage from an MSSP point-of-view
October 11, 2022
Cofense Triage from an MSSP point-of-view
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Cofense Triage
We run Cofense Triage as an MSSP, offering as part of a managed service to our clients. We provide the analysts who Triage the reported emails, make decisions on their authenticity and malicious intent. Our analysts then provide feedback to the reporter and we summarize details of the overall Triage service on a regular basis. We use Triage in conjunction with Vision to provide an overall email security service.
- Risk rating emails using rules.
- Scoring reporters based on their performance at reporting malicious vs non-malicious emails.
- Previews and rating attachments.
- Integrations using APIs to allow quicker analysis of URLs.
- Adding additional mailboxes which can be customised for different analysts or rules to prioritise a 'Suspected Malicious' mailbox over a 'Suspected Spam' etc. mailbox.
- Recipies and Triggers appear to be an overlap and 2 features which do the same thing.
- Showing comments made on a cluster in the mailbox view can often help save time, rather than entering the contents of a message to see this information.
- Automatic comments on messages based on a playbook would be useful, this may be a feature that exists on new versions however.
- Triage has been excellent and has prevented multiple malicious emails from compromising the client.
- The analysis of these malicious emails also allowed us to monitor for IOCs, which can prevent further attacks.
- Overall, considering the attacks it has prevented, this has definitely been worth the money.
Triage is an excellent solution for analysing and triaging emails. It has a set of rules which can be used to rate the risk of meaages, these rules are updated on a daily basis to keep up with known IOCs of attackers. The support from Cofense is also excellent and reaching out to them for support is always very valuable.
Do you think Cofense Triage delivers good value for the price?
Yes
Are you happy with Cofense Triage's feature set?
Yes
Did Cofense Triage live up to sales and marketing promises?
Yes
Did implementation of Cofense Triage go as expected?
No
Would you buy Cofense Triage again?
Yes