The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments.
Manually-triaging every email and being forced to switch between security applications/interfaces only slows response times, increases the chances for human error and means valuable threat intel can be missed.
This is why we’re proud to announce the new KnowBe4 PhishER Plus and CrowdStrike Falcon Sandbox integration. The integration allows admins to investigate potentially malicious files faster, and more efficiently, all from a single console.
CrowdStrike Falcon Sandbox is a malware analysis tool that provides a safe way to analyze files and URLs for malicious content in a protected, sandbox environment. It streamlines investigations and enables security operations teams to provide faster threat protection and response.
KnowBe4 PhishER Plus is a lightweight, security orchestration, automation and response (SOAR) platform that uses a global threat intelligence feed and AI-powered blocklisting to mitigate phishing attacks.
By integrating the two, users can now submit potentially malicious emails, attachments and URLs to CrowdStrike Falcon for analysis, to pull report data and perform advanced search queries. After CrowdStrike scans an attachment or URL, a malware analysis report is made available within PhishER Plus. Other benefits/capabilities include:
- Automated Scans and Detonations: PhishER Plus rules and actions empower you to automate scans and detonations.
- Streamlined Analysis: Simplify your workflow by analyzing links and attachments from a single, intuitive console: PhishER Plus. No more juggling multiple interfaces.
- Maximized ROI: PhishER Plus seamlessly integrates with CrowdStrike Falcon Sandbox, amplifying its value and ensuring a higher return on your investment.
- Effortless Triage and Reporting: Easily triage, analyze, and report on files or URLs found in malicious phishing emails.
Your time and expertise are valuable. The PhishER Plus integration with CrowdStrike Falcon Sandbox is designed to enhance both. Increase your operational efficiency, streamline your processes, and help your team stay on top of today’s emerging threats.
CrowdStrike Falcon Sandbox Integration is available to KnowBe4 customers with a full PhishER Plus subscription.
For more information on the PhishER Plus integration with CrowdStrike, check out the Knowledgebase article: https://support.knowbe4.com/hc/en-us/articles/18853966211219