SlashNext Launches Industry’s First Real-Time Threat Intelligence Service Covering All Major Types of Phishing Threats
March 2019 by Marc Jacob
SlashNext announced its Real-Time Phishing Threat Intelligence solution, the industry’s first and only phishing-focused threat intelligence that covers all six major categories of phishing and social engineering threats, including credential stealing; scareware; rogue software; phishing exploits; social engineering scams; and phishing callbacks. This provides IT security teams with the broadest phishing threat intelligence available to better understand and protect their organizations from zero-hour social engineering threats.
SlashNext threat intelligence is produced via global dynamic URL sourcing together with SlashNext’s proprietary, cloud-based threat detection technology. SlashNext threat detection is based on a new approach using Session Emulation and Environment Reconnaissance (SEER). Unlike other anti-phishing technologies which rely on outdated URL inspection and domain reputation analysis, SEER uses virtual browsers in a purpose-built cloud to dynamically inspect sites using advanced computer vision, optical character recognition, natural language processing, lexical analysis, and active site behavioral analysis. By dynamically inspecting page contents and server behavior together with patent-pending machine learning algorithms, SlashNext can detect a wider range of phishing threats in real-time with exceptional accuracy and near-zero false positives. This results in more comprehensive, definitive, and timely threat intelligence on live phishing threats.
With tens of thousands of new phishing sites going live each day, and most disappearing in just 4-8 hours, SlashNext performs automated URL rechecking and retirement. This results in a continuously updated list of active phishing URLs, domains, and IPs, to give enterprise security teams the industry’s broadest, most up-to-the-minute intelligence on live phishing threats. SlashNext Real-Time Phishing Threat Intelligence is accessed via simple RESTful API. Users can request threat intelligence in multiple formats, including JSON, CSV, or plaintext. Users can also request just domains, IPs, wildcard URLs, and full URLs to best suit their needs. Each includes automatically generated IOC metadata. API access to machine-readable threat intelligence enables easy integration with popular threat intelligence platforms, SIEMs, and infrastructure such as firewalls and DNS.
When SlashNext’s Real-Time Phishing Threat Intelligence is integrated with an organization’s infrastructure for blocking, this cloud-based service provides a sinkhole service that provides employees with blocked site warning pages as well as incident alerts and daily reports for security administrators.