Cofense Managed Phishing Detection and Response

Additional Info

Company size (employees)500 to 999
Type of solutionSoftware


The one-of-a-kind Managed Phishing Detection and Response (PDR) service is delivered by our security experts in the Cofense Phishing Defense Center (PDC). Cofense Managed PDR is designed for organizations that lack the in-house expertise or resources to effectively defend and remediate against phishing attacks. Cofense PDC experts can detect and stop attacks on enterprise networks in 8 minutes.

Managed PDR customers benefit from the intelligence of Cofense’s 30 million global users, enabling identification and removal of phishing attacks impacting organizations, often before attack are even reported. Managing the queue of reported suspicious emails, enterprises are notified immediately after a malicious email has been identified by a PDC analyst. Businesses also receive a detailed escalation report that provides threat context along with remediation recommendations. All first and second stage IOCs are made available via API – further enhancing a rapid response and mitigating an attacker’s impact.

Cofense Managed PDR is:

High-Fidelity Threat Intelligence: Analysts in the Cofense PDC leveraging the latest human-vetted phishing threat intelligence to quickly identify and eradicate threats in the business’s environment. This includes protection from zero-day phishing attacks, intelligence from more than 3 million suspicious emails and 300,000 PDC analyst investigations each year, and a 99.999% categorization accuracy.

Faster Threat Remediation: In a matter of minutes, not days or weeks, phishing attacks are identified and quickly removed from the environment before a successful attack can occur. The median time to analyze, respond and remediate is about 60 minutes, with some phishing attacks stopped in as little as 8 minutes.

Strategic Partnership: A monthly report complete with month over month trends, noteworthy data points, and benchmarking against industry peers is delivered by a dedicated Cofense team members to stakeholders each month so organizations can make data-driven decisions.

How we are different

* Phishing Intelligence Network (PhIN): PhIN is Cofense’s unique data source from 30 million email users reporting suspected phish. Because end users report phish that reach their mailbox, Cofense sees data on every email that evades every existing email security solution and affords the relevant indicators of compromise (IOCs) to arm our customers to prevent these attacks – and variations of them – whether they have been reported or seen before.

* Partnership with the PDC: The PDC is the world’s first and only phishing-dedicated SOC. While other vendors offer managed services focused on managing allow lists, security awareness and SOC tools, the PDC is purely dedicated to analyzing and remediating every reported email. Not only does the PDC handle every reported email, but it does also so with an average response time of eight minutes and at a 99.998% categorization accuracy, keeping environments safer, round-the-clock, than in-house SOCs. At the same time, it frees up incident response teams to focus on other priorities. A monthly report demonstrates program results and noteworthy trends specific to each organization aiding in both tactical and strategic decision-making.

* Automatically Quarantine Threats: Once a phish is confirmed, Cofense AutoQuarantine removes it from inboxes across an organization without requiring intervention from the customer. We have observed this entire cycle from report to removal to be near instantaneous when configured to quarantine without analyst review. The intelligence is then shared with other Cofense customers so the same attack can be stopped in their environments often before any suspected phish is ever reported. When considering customers leveraging AutoQuarantine, 84% of customers had an attack automatically mitigated that nobody at their organization had reported showing the value of intelligence sharing across the Cofense customer base. A potentially significant risk is reduced to zero without human intervention.