Cofense Expands SOAR Integration Partners to Accelerate Phishing Incident Response

LEESBURG, Va., Aug. 3, 2020 – Cofense®, the global leader in intelligent phishing defense solutions, today announced enhanced phishing analysis integrations with Cofense TriageTM and Cofense IntelligenceTM to further complement security orchestration, automation and response (SOAR) solutions from Palo Alto Networks Cortex XSOAR, ServiceNow Security Incident Response and Splunk Phantom.

Enhanced integrations between Cofense Triage, Cofense Intelligence and SOAR solutions enable security teams to quickly respond to phishing campaigns that slip past perimeter defenses

“Threat actors design their attacks to bypass email security controls and successfully deliver phishing emails directly to employee inboxes – technology alone is not enough to stop or analyze phishing threats. Cofense solutions leverage the intelligence of over 23 million human sensors to identify phishing attacks that technology misses every day,” said Allan Carey, Vice President of Business Development at Cofense. “Cofense Triage and Cofense Intelligence are complementary to SOAR, security information and event management (SIEM) and threat intelligence platform (TIP) tools, seamlessly integrating with existing security operations technologies and processes. We are committed to growing our technology partnerships and integrations, which provide mutual customers with accurate and reliable phishing defense determinations.”

Before phishing threats become actionable, security operations teams must quickly prioritize and analyze large volumes of suspicious emails to understand what is truly malicious. Cofense Triage automatically inspects employee-reported suspicious emails and turns phishing threat indicators into actionable intelligence to help security operations teams respond in minutes to threats that slip past perimeter defenses such as secure email gateways (SEGs). Cofense Intelligence is human-verified phishing intelligence that provides high-fidelity phishing indicators for security teams to respond with confidence when taking action on a phishing threat. Today’s leading SOAR solutions offer many benefits for security operations teams, and Cofense Triage and Cofense Intelligence continue to augment phishing incident response capabilities SOARs offer.

Cofense Intelligence is an easy to consume API feed of malware and credential phishing campaigns. The feed supports automated ingestion into an organization’s SOAR, SIEM, TIP and other select technologies so that defenders can take swift action against emerging phishing campaigns. Every piece of Cofense Intelligence published is rigorously vetted by Cofense and includes the context an organization needs to understand the impact of phishing indicators of compromise (IOC) and threat actor tactics, techniques and procedures (TTPs).

“Cofense Triage integrating with Cortex XSOAR helps our security operations team quickly analyze, automate, and respond to phishing attacks in minutes, not hours,” said Rick DeLoach, Associate Director of Security Architecture and Operations, ADT. “The solutions are complementary to help analysts define and execute an effective workflow.”

For a limited time, organizations can also stay on top of the latest threats that are confirmed to have reached employees inboxes with 90 days of free access to Cofense Intelligence. To learn more, visit the Cofense Real Phishing Threats searchable database and SEG Infocenter.

Cofense Triage offers comprehensive clustering capabilities to group reported emails by payload fingerprint, which addresses the challenge of understanding threats holistically. This allows analysis at a threat campaign level, rather than an individual email level. Organizations looking for a managed phishing defense solution can turn to Cofense’s Phishing Defense Center® (PDC) and receive analyst-reviewed indicators into their SOAR platform and automate escalation and response.

About Cofense
Cofense®, the leading provider of intelligent phishing defense solutions worldwide, is uniting humanity against phishing. The Cofense suite of products combines timely attack intelligence on phishing threats that have evaded perimeter controls and were reported by employees, with best-in-class security operations technologies to stop attacks faster and stay ahead of breaches. Cofense customers include Global 1000 organizations in defense, energy, financial services, healthcare and manufacturing sectors that understand how changing user behavior will improve security, aid incident response and reduce the risk of compromise. For additional information, please visit or connect with us on Twitter and LinkedIn.

This post was first first published on Cofense’s website by Cofense. You can view it by clicking here