SlashNext Unfurls AI Platform to Prevent Phishing Attacks
SlashNext today launched a security platform that uses machine learning algorithms to identify and remove phishing attacks from email.
Patrick Harr, SlashNext CEO, said the SlashNext Email Protection for Microsoft 365 provides real-time scanning, detection and removal of threats before they reach users. The company claimed it can deliver a 99.9% accuracy rate with a one-in-a-million false positive rate.
That capability stops 65% more links to spear phishing, business email compromise (BEC), malware and ransomware threats than all other cloud-based email security services, Harr said.
Previously, SlashNext provided an email security service that removed phishing attacks after they had landed in an email inbox. This offering prevents those phishing attacks from ever landing in those email inboxes, said Harr. The company plans to extend this capability to other email and social media platforms as well, he added.
There are also search and analytics tools that enable security professionals to pinpoint threats by user and type across email, web and mobile channels.
In addition, there are extensible REST application programmable interfaces (APIs) through which SlashNext can be integrated with other security tools such as security information event management (SIEM) platforms.
In general, Harr said it’s become obvious that organizations are going to have to rely on bots in the form of machine learning algorithms to combat the bots that cybercriminals are regularly employing to launch attacks based on a wide range of social engineering techniques.
Most organizations, however, are too dependent on the ability of end users to identify phishing attempts that aim to steal their credentials as a prelude to a ransomware attack. Eliminating phishing attacks from email inboxes before they are ever opened protects the organization in a way that doesn’t rely solely on how vigilant an end user is on any given day.
In fact, Harr noted phishing attacks are now also being launched across multiple channels. These days, it’s not uncommon for cybercriminals to, for example, pretend they are having an issue with a Zoom connection to encourage unsuspecting end users to share documents via another cloud sharing service, noted Harr.
SlashNext claimed it only takes about five minutes to set up and configure its service using the Microsoft Graph API. Access to the platform itself is made secure using the OAuth API.
It’s becoming more apparent that various types of AI technologies will need to be employed to combat the increasing volume and sophistication of cybersecurity attacks, reliance on cloud-based security platforms will increase. The amount of data required to train an AI model exceeds the capability of the average IT organization to create on their own. In time, most organizations will be employing multiple cloud-based services from vendors that have infused them with AI technologies to help combat cybersecurity threats.
Not every cybersecurity professional has the same amount of confidence in AI. Over time, however, it’s apparent AI will play a major role in augmenting the expertise of chronically understaffed security teams. The goal is not to replace cybersecurity teams as much as it is to level a decidedly unlevel cybersecurity playing field.
