Human Managed app hm.works 1.4 released with phishing detection dashboard
Since its first release on 13 March 2023, the Human Managed web app hm.works has been getting fresh updates every single week.
hm.works' 1.0 journey started with the most fundamental knowledge for any business that operates digitally: intel on existing digital assets (services, products, resources that are in digital form).
Then, hm.works' 1.1 added more intel on a business' digital assets, by reporting on the assets' state, or overall posture. An asset's posture is measured by the controls (checks, rules, policies) that are enabled on the asset.
hm.works 1.2 delivered even deeper layers of intel on a business' digital assets: behaviors discovered and detected, which (positively or negatively) affect the business.
Then, hm.works 1.3 release was on triage report, allowing you to overview and prioritize the posture and behavior detections on your assets.
This week, we are excited to announce our first custom cyber dashboard for a threat use case:
Phishing Detection
Our Phishing Dashboard is an operational dashboard that shows active fake websites that could cause damage to your organization. A single page answers the top 3 things you need to know about phishing so you can speed up response actions and take proactive measures:
- What are the active websites impersonating my brand?
- How effective is my response in taking them down?
- What are the phishing attack patterns observed?
What's phishing and why is it important?
Bait, Hook, Catch.
Phishing is a type of deceptive social engineering where a malicious attacker pretends to be a legitimate source, with the objective of receiving sensitive information from a target.
A common phishing technique attackers use is to send targets email with a link (bait) that opens up a spoofed website (hook), and get users to enter their financial details (catch).
Phishing attacks remains an effective way to gain access to your assets, and they can cause serious financial and reputational damage.
* * *
The hm.works platform monitors logs from multiple data sources such as domain name, email header, legitimate web addresses, email attachments, and web requests made by phishing victims, and correlate the data with external threat intel such as known active phishing URLs and threat actors.
Let's explore each segment of the Phishing Dashboard.
URLs to Take Down
- What: This card reports the count of spoofed website URLs that are active and have been taken down to date and the percentage difference of active URLs compared to the previous month.
- Why: Helps you to understand active phishing threats, and inform your action to respond (e.g. take down URL / investigate further)
- How: Forward data from web application firewalls, web CDN, or edge networks. Customize legitimate URLs to monitor on the hm.works web app.
Turnaround Time for Take Down
- What: This card reports the mean time to take down active phishing websites per month and the percentage difference of meant time to react compared to the previous month.
- Why: Tracks the effectiveness of your response to threats and directs your operational actions to meet and exceed your key performance indicators.
- How: Forward data from web application firewalls, web CDN, or edge networks. Customize your KPIs on the hm.works web app.
Phishing Detection Grid
- What: This interactive grid breaks down the details of all detected phishing URLs, active status, threat actor / group behind the campaigns, first seen and last seen date.
- Why: Having the history of phishing URLs in one place allows you to explore the data as you see fit to prioritize your action and/or improve your understanding of phishing threats to your organization (e.g. sort by status, last seen, etc.)
- How: Forward data from web application firewalls, web CDN, or edge networks. Customize your KPIs on the hm.works web app.
Peaks on Spoofed Websites
- What: This chart shows the volume of active phishing URLs discovered per day over time
- Why: Helps you identify new phishing patterns or validate known patterns to inform response action (e.g. peaks in volume 3 months before Christmas season)
- How: Forward data from web application firewalls, web CDN, or edge networks.
* * *
And that is hm.works 1.4! We will be releasing more features and updates regularly, so stay tuned.
To get the latest news from Human Managed, follow us on LinkedIn and check out our blog.
* * *
Want to discuss how we can help solve your cyber, digital, or risk operations through data?
Want a test run of the hm.works app?
Have any questions or feedback?
Please contact us at hello@humanmanaged.com.