Security vendor Sophos announced the official launch of its Phish Threat attack simulator on Jan. 25, in an effort to help improve end-user and organizational readiness for phishing attacks.
Sophos didn’t build the Phish Threat technology on its own, rather the platform was acquired from privately-held security consultancy Silent Break Security in November 2016. Phish Threat enables organizations to simulate phishing attacks to test user responses.
“Our goal with Phish Threat was to make a platform that is effective and easy for organizations,” Brady Bloxham, creator of Phish Threat, told eWEEK.
Bloxham said that while there are other phishing testing platform in the market, in his view, they don’t always reflect the evolving threat landscape. Now as part of Sophos, Phish Threat benefits from the Sophos Central platform, which is an effort to provide a consolidated view of security devices and controls across an organization.
“Everyone in this space is really just a training vendor,” Bloxham said. “With Sophos being a security company, we can now provide customers with a more holistic perspective of an organization’s security,”
The core promise of the Phish Threat platform is that by testing users, lessons will be learned and behavior can improve over time. Bloxham said that he doesn’t expect that the click rate on phishing emails will ever go down to zero. That said, he emphasized that he has seen positive results from the use of Phish Threat in reducing phishing rates among customers.
Bill Lucchini, SVP and GM for Sophos Central Security added that having a phishing testing platform further helps to build a culture of security awareness. From a broader perspective, Lucchini said that in addition to awareness, there are the Sophos security technologies that stand behind employees. for those times when they do actually click on a real phishing attack email.
Sophos has been actively expanding its capabilities in recent years to help secure organizations. Sophos announced a capability called security heartbeat in 2015 that helps to enable a synchronized security approach. In September 2016, Sophos launched its InterceptX next generation endpoint security technology. Lucchini explained that InterceptX has exploit prevention capabilities as well root cause analysis insight to show organizations how threats come into an organization.
The Phish Threat information will now be exposed to Sophos Central users. At a deeper level, Sophos is working on additional integrations to further make use of the Phish Threat information.
“In the background, we’re building up the user profile,” Lucchini told eWEEK. “We’re then exposing the information via private APIs to internal security clients, to be able to consume information about the user and make better decisions.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.