Pick an email ingestion method
Select from IMAP, SMTP, file share, or S3 sources for real time ingestion of your organization's emails. Microsoft Office 365 and G Suite integration are coming soon!
Build automation around PhishBarrel's API
Write security orchestration playbooks, integrate with third party threat intelligence, and search quickly for anything (text, hashes, URLs) in emails. The sky is the limit with how your organization can leverage the email data available in PhishBarrel.
Lightning Fast Search
Search emails for free-form text, attachments, URLs, and hashes...in addition to some other secret sauce attributes (request a demo).
Seamlessly integrate your existing security operations analytics and reporting (SOAR) workflows with PhishBarrel's API.
Enriched email analytics
Provide better context and attributes about every email, URL, and attachment entering your organization.
Decreased reaction/remediation time during security incidents
During a phishing attack, those first few minutes are precious. Quickly gain visibility and situational awareness about the phishing attack.
Identify similar malicious emails
Attackers evolve and PhishBarrel is prepared to handle that. Identify tweaks and modifications to campaigns to quickly discover a change in an adversary's tactics.
No hardware/software management
PhishBarrel is completely cloud native with encryption at rest and transfer when possible.
Search emails for a key word
Your Security Operations Center learns of a Business Email Compromise phishing campaign requesting funds be transferred to account 11223344. With PhishBarrel, you can quickly search all emails for that text phrase "11223344" to determine if your organization is being targeted.
Determine users receiving an email with a credential stealing URL
A user reports they entered their credentials into a fake web page. With PhishBarrel, you can quickly query all your emails for the URL to determine other recipients.
Search for malicious hashes
Your threat intelligence feed reports a document with a specific hash is a known ransomware variant. With PhishBarrel, you can determine which recipients received the email with that attachment.
What type of organization is ideal for PhishBarrel?
Any organization with a security team looking to enhance their insight into inbound emails, increase phishing playbook automation, and develop more security orchestration around phishing incident response.
Does PhishBarrel only operate in passive mode?
Currently yes. An active inline solution to block, warn, and prevent phishing emails from reaching your organization's users in the first place is being developed.
Should I have concerns that it is hosted in the cloud?
Your organization may have a different risk tolerance, but we can leverage incredible scalability, features, and security by hosting PhishBarrel in the cloud.
How long are emails kept?
This is up to your organization, but emails can be retained for 1-60 days.
Will you read my emails?
No. We understand the potentially sensitive information PhishBarrel could be privy too, but we take your personal and organization's privacy seriously and want to earn your trust. Also, we have enough of our own emails to wade through everyday.
Will this break the flow of inbound email to my organization?
No. Currently, PhishBarrel is completely passive. If the service goes down, it will not affect your organization's email flow.
If Phishing is the #1 attack vector, why aren't more companies trying to solve this problem?
That's a great question and one we asked ourselves when we started developing PhishBarrel. Check out Momentum Cyber's CYBERscape graphic and see if you can find the small set of companies tackling "Messaging Security".
What are some analogies for what PhishBarrel does?
Translating technical mumbo jumbo to leadership can be challenging sometimes. Even though you see the value in PhishBarrel, they may not and need some help understanding what it does. PhishBarrel can be described as:
- Google for email - search all of your organization's emails for anything.
- Alexa/Siri for email - the know-it-all sage that has all the email answers.
Our organization leverages a Managed Security Service Provider (MSSP), can they use this?
Can this be used for outbound email traffic?
Do you support on-premise deployments?