Email security firm Ironscales announced its Themis artificial intelligence powered security assistant technology on Aug. 1, providing organizations with new capabilities to defend against phishing attacks.
With Themis, Ironscales is looking to mimic the capabilities and analytical processes of a human security analyst to identify phishing emails that are able to bypass the company’s IronTraps incident response platform. Themis is powered by machine learning algorithms that were trained on multiple years of decisions from the Ironscales Federation peer-to-peer phishing intelligence module.
“The platform that we built at Ironscales from the beginning was designed with the concept of detecting and responding to phishing attacks that were already hitting employee inboxes,” Eyal Benishti, Ironscales’ founder and CEO, told eWEEK. “Phishing is becoming a game of quick detection and automated response, and with that in mind we have expanded our platform.”
The name “Themis” comes from a deity in ancient Greek mythology that provided good counsel and was able to make the right judgments. It’s the idea of making good judgments on potential email security incidents that Ironscales is drawing on for its product.
Benishti said Ironscales already provides human security analysts with a lot of information about potential threats to help them make decisions. With Themis, Ironscales is making use of data that it has collected over the past four years about how human analysts have made decisions about phishing incidents.
How It Works
The core IronTraps platform can typically resolve approximately 85 percent of email phishing incidents, according to Benishti. For the remaining 15 percent that are not automatically resolved, Ironscales provides organizations with forensic data to help analysts make decisions.
“We collected information on the different verdicts that were made by different analysts on multiple types of emails from companies across many sectors,” he said. “After analyzing that data with seven different machine learning models, we came up with Themis, which is an artificial intelligence entity that mimics the operations human security analysts perform on a daily basis.”
Themis uses a mix of supervised and unsupervised machine learning approaches, including both open-source and proprietary models. Benishti said Themis is constantly being trained as new decisions are made by human analysts, making the model smarter.
Machine learning is a technology approach that is becoming increasingly common across cyber-security vendors. What Themis is providing is different from how other email security vendors are using machine learning, he said.
“Other vendors use machine learning on email data. They push bad emails and good emails to the algorithm to teach the system what is good and what is bad,” Benishti explained. “What we have trained Themis on is what kind of decisions human beings are making in the context of specific emails or email groups.
“We have taught Themis how to mimic behavior about email decisions and not necessarily how to tell a good email from a bad email,” he added.
Looking forward, Benishti said Ironscales has more innovation on its product roadmap for 2018 to help organizations better protect email and messaging security.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.