Magecart Strikes Again
Ticketmaster, British Airways, and Newegg have all been compromised. Who’s next? Read our research to see how we discovered the breaches.
IDG Connect: 2017 State of Enterprise Digital Defense Report
Findings quantify the security management gap and business impact of external web, social, and mobile threats.
Get the Research Report
Frost & Sullivan: The Digital Threat Management Platform Advantage
The material benefits of a platform-based approach to security outside the firewall.
Read the Report
2018 Holiday Shopping Season Threat Activity: A Snapshot
The 2018 holiday shopping season was the largest ever for online retailers, but threat actors filled their pockets, too.
So what did the threat activity around this shopping frenzy look like?
Rackspace Accelerates External Digital Threat Investigation with RiskIQ PassiveTotal
Download Case Study
EMA Radar™ Q4 2017 Report
RiskIQ ranked a technology and value leader in digital threat intelligence management.
Get the Analyst Report
Be Smarter About Finding Phish
Every day, threat actors send millions of malicious emails to their targets. Attackers target employees of enterprises to gain access to internal systems, as well as customers to fool them into handing over payment card info or login credentials. Subjects of their attack emails range from ad campaigns soliciting views of a particular product to deliberately stealing system credentials or financial information.
Security teams need a solution that tracks against a wide range of sources to provide accurate, comprehensive coverage against rapidly growing phishing threats to identify quickly evolving phishing attempts directed at your organization, customers, and partners at scale.
Enterprise security programs often utilize automated, internal phishing detection systems to detect phish targeting employees, but these systems don’t see or protect against phishing threats to customers and partners. RiskIQ can scan emails from your internal phishing systems as well as suspected emails submitted by customers through an external-facing abuse box. RiskIQ then applies intelligence to find, confirm, and take down phish.
The RiskIQ External Threat Management platform continuously scans web pages from Domain-based Message Authentication, Reporting and Conformance (DMARC), blacklists, threat intelligence vendors, email abuse boxes, and referrer log integrations for known phishing signatures. Meanwhile, our machine learning classification algorithm and virtual user technology finds and confirms unreported phishing pages.
Automate your workflow to shorten the mean time to mitigation per phish. RiskIQ crawls URLs on demand, automating URL investigations from Proxy, Email, DNS, and HTTP referrers and enriching internal logs with real-time intelligence.
Know where the phish are. RiskIQ detects phish with data beyond that found in an email—social media, digital ads, and known phish events within the RiskIQ index compiled from over 30 million phishing pages scanned.
Get the datasheet: PassiveTotal Research and Investigate Threats
Scan your Abuse Box. Suspicious emails sent to employees and customers can be forwarded to an abuse box, and RiskIQ will scan emails and follow links with our virtual user technology, automating the phishing detection and confirmation process.
Manage the phish lifecycle. From detection to takedown, RiskIQ can automate the phish detection and confirmation process. The platform allows you to submit pages directly to Google Safe Browsing and Microsoft to block the attacker’s campaign.
Read the Tech Note: RiskIQ and Email Security
Reduce your security team’s time to detection and phish remediation by utilizing RiskIQ to automatically analyze emails from your DMARC platform, spam filters, and abuse box. RiskIQ’s virtual user technology will crawl all of the links in emails, checking for matching blacklisted URLs, known phishing pages, or pages hosting malware.
Uncover additional phishing infrastructure by Investigating confirmed phishing infrastructure using PassiveTotal to uncover additional sources for phish or malicious campaigns against your users and brand.
Read the datasheet: Anti-Phishing Technology