PhishER

Identify and Respond to Email Threats Faster

Contain Data Breaches in Minutes

Schedule a Demo

Identify and respond to email threats faster

With automatic prioritisation for emails, PhishER™ helps your team cut through the inbox noise and respond to the most dangerous threats, quickly.
Because phishing remains the most widely used cyber attack vector, most end users report a lot of email messages they “think” could be potentially malicious to your incident response team.


Whether or not you step employees through security awareness training doesn’t change the fact that your users are likely already reporting potentially dangerous emails in some fashion within your organisation. The increase of this email traffic… can present a new problem!


With the constant flow of spam and malicious emails that attack your network, some 7-10% of these make it past your filters. With only approximately 10% user-reported emails being verified as actually malicious, how do you not only handle the high-risk phishing attacks and threats, but also effectively manage the other 90% of user-reported messages accurately and efficiently? Now, there is PhishER.

Key Benefits

  • Cut through the inbox noise and respond to the dangerous threats quickly and efficiently reducing the risk to your organisation.
  • Full integration with KnowBe4's Phish Alert Button allows the automatic prioritisation of emails that aren't threats.
  • See clusters or groups of messages based on patterns so that can help you identify a widespread phishing attack on your organisation.
  • Meet critical SLA's within your organisation to process and prioritise threats and legitimate emails
  • Free up resources to identify and manage the 90% of messages that are either spam or legitimate email.
  • Automated email response email templates lets you communicate quickly back to your employees about the emails they need to continue working.
  • PhishML™ is machine learning for PhishER and analyses each message coming into the PhishER platform which gives you the information to make your prioritisation easier, quicker with more accuracy.
  • You can create custom workflows for tasks such as alerting and prioritisation so that the team can focus on the right messages.
PhishRIP™ is a new PhishER email quarantine feature that integrates with Microsoft 365 and G Suite to help you remove, inoculate, and protect against email threats so you can shut down active phishing attacks fast.

What is PhishER?

PhishER is the key ingredient of an essential security workstream. It's your lightweight Security Orchestration, Automation and Response (SOAR) platform to orchestrate your threat response and manage the high volume of potentially malicious email messages reported by your users.  And, with automatic prioritisation of emails, PhishER helps your InfoSec and Security Operations, or plain old IT Team, team cut through the inbox noise and respond to the most dangerous threats more quickly.


Additionally, with PhishER you are able to automate the workstream of the 90% of reported emails that are not threats. Incident Response (IR) orchestration can easily deliver immediate efficiencies to your security team, but the potential value is much greater than that.


With the right strategy and planning, your organisation can build a fully orchestrated and intelligent SOC that can contend with today’s threats. PhishER enables a critical workstream to help your IR teams work together to mitigate the phishing threat and is suited for any organization that wants to automatically prioritize and manage potentially malicious messages - accurately and fast! PhishER is available as a stand-alone product or as an add-on option for current KnowBe4 customers.

Why Choose PhishER

PhishER is a simple and easy-to-use web-based platform with critical workstream functionality that serves as your phishing triage room to identify and respond to user-reported messages. PhishER helps you prioritise and analyse what messages are legitimate and what messages are not - quickly. With PhishER, your team can prioritise, analyse, and manage a large volume of email messages - fast! The goal is to help you and your team prioritise as many messages as possible automatically, with an opportunity to review PhishER’s recommended focus points and take the actions you desire.


With PhishER Security Roles, you can easily distribute your team's workload of email analysis and dispositioning from within PhishER. Use Limited and Full access Security Roles to implement a multi-tiered incident response system based on the severity levels of your user-reported messages in PhishER. 


Geoffrey Parker recently published a whitepaper for the SANS Institute Information Security Reading Room called Automating Response to Phish Reporting which is an excellent independent analysis of available triage tools. Read it here. 

PhishER processes user-reported phishing and other suspicious emails by grouping and categorising emails based on rules, tags, and actions. PhishML, the custom machine-learning module, analyses messages and generates confidence values which are used to tag messages. PhishRIP helps you easily find and quarantine suspicious messages still sitting in mailboxes across your entire organisation.