Old UI
  • Documentation Platform
    • Technical Guide
      • Whitelisting
        • Whitelisting the Pictures on Microsoft Outlook Apps
      • Minimum Requirements
      • On-Premise Requirements
        • Restricting the Access to Portal According IP
          • How to Import SSL Certificates in IIS
        • Why does the disk on the server fill up fast?
      • Getting Started
      • Phishing Simulator
      • Awareness Educator
      • Incident Responder
        • How does investigation mechanism work?
          • Benefits of Phishing Incident Responder
          • Reverse Engineering Support
          • Privacy and Security
          • Audit
          • Integrations
        • API Settings
          • Configuration steps for Office 365: Microsoft Graph App Configuration
          • Exchange Mail Configuration
          • GSuite API Configuration Guide
          • Gsuite Mail Configration
        • Analysing Suspicious Emails
          • Starting an Automatic Incident Investigation
          • Starting a Manual Incident Investigation
          • Playbook
        • FAQ (Incident Responder&Phishing Reporter)
      • Phishing Reporter Add-In
        • Installation
        • Microsoft Defender Email Reporter Add-In
      • Email Threat Simulator (ETS)
        • Creating a Trusted Account for E-mail Security Tests
          • Restriction of the Authority of the Test Account
          • Restrict Email Address
          • Enable Mailbox Audit Logging for Test Account
        • Dashboard
        • Quick Scan
        • Advanced Scan
        • Interpretation of ETS Report
        • FAQ ( ETS)
      • Threat Intelligence
        • FAQ (Threat Intelligence)
      • Report Manager
        • Phishing Campaign Report List
          • Phishing Campaign Summary
          • Statistics
          • Opened Email
          • Clicked Link in The Phishing Campaign Email
          • Submitted Form
          • Opened Attachment
          • Phishing Reporter
          • Campaign No response
          • Email Delivery Report
          • Phishing User Compare
          • Departments
        • Training Campaign Reports
          • Training Summary
          • Training Statistics
          • Opened Training Email
          • Clicked Training Link
          • View Duration
          • No Response
          • Sending Report
          • Training User Compare
          • Exam
        • Users KPI
          • User-based Grade
          • Department-based Grade
          • Target Group based grade
          • Company-based grade
        • Advanced Reporting
      • Company
        • User Role Management
      • Advanced Settings
        • Allow Email Domains
        • White Labelling
        • LDAP Settings
        • SCIM Integrations
        • Notification Templates
          • Short Codes
          • Using Notification Templates
        • Data Anonymisation
      • Available for Option
      • API Guide
        • REST API for Incident Responder (IR) Operation
        • REST API for SSO Authentication
      • Diagnostic Tool
        • FAQ
    • Maintenance Tool
    • FAQ (All Modules)
      • Video Tutorials
        • Quick Start
        • Google Workspace API Configuration Guide
        • On Premise Requirement Checker Video
        • Phishing Reporter Installation & Deployment
Powered by GitBook
On this page
  • Phishing Incident Analysis and Response Self-Assessment Questionnaire
  • About Phishing Incident Responder
  • Differentiations
  1. Documentation Platform
  2. Technical Guide

Incident Responder

Phishing Incident Analysis and Response Self-Assessment Questionnaire

  1. What kind of tool do you offer your users to report a suspicious email?

  2. How long does it take to analyse a suspicious email with its links and attachments?

  3. Are you convinced about the quality of your email analysis?

  4. How do you prevent a malicious email that crosses all security measures and gets into the inbox before a user opens, clicks, or runs the link in it?

  5. How do you know which users in your organisation have phishing email in their inbox?

  6. How long does it take you to find out which users have a suspicious email in their inbox?

  7. How long does it take to delete a suspicious email from users’ inbox?

  8. How long does it take to block a spear-phishing on active security devices?

  9. Which services do you use to block the next generation threats?

  10. Do you have expert support for analysing and blocking advanced attack vectors like zero-day?

About Phishing Incident Responder

The Phishing incident responder module analyses a suspicious email, and according to results, it takes action at the inbox level.

In addition to the analysis engines it owns, Platform also analyses with the engines of different technologies it is integrated. In this way, it enables an institution to acquire the technologies that it doesn’t have.

Differentiations

The traditional methods of investigating and deleting a suspicious email have many limitations:

  1. Making an investigation in email server like the exchange, postfix etc., causes

    a. serious performance consumption,

    b. finding a needle in a haystack with a single source,

    c. the need for the coordination of different teams which delays to detect the incident and response it. With the survey we conducted, we observed that the average period of making an investigation in the enterprise sector was one day.

  2. Due to a synchronisation problem, a copy of an email that you deleted from the email server may still be in the user’s email inbox, which will not protect your user from risks. Especially for mobile users working outside the office network, it is a severe problem for organisations to find and delete malicious email from the inboxes.

  3. However, since Platform does this operation through the add-in technology that each user has in their email, it can complete the incident investigation and response process in under a minute without any performance problems.

PreviousAwareness EducatorNextHow does investigation mechanism work?

Last updated 1 year ago