Over the past few years, the MITRE ATT&CK framework has taken the reins as the new standard security framework for many organizations. It is the spiritual successor to Lockheed Martin’s Cyber Kill Chain in many ways. In brief, MITRE ATT&CK follows an attack from beginning to end, listing attacker tactics and techniques for each phase of the attack.
More and more, frameworks in security are becoming indicators of a good security program. In my time as a CISO, I would write corporate policy around frameworks. Coming from a government/military background myself, I was in love with NIST and the Cyber Kill Chain.
However, once I found myself in a retail organization that had never had a true security program, I realized that I couldn’t utilize my beloved NIST — the organization simply wasn’t ready for that kind of seismic shift in their culture.
I tell this story to many people in the security industry as a warning: don’t make a security framework your only form of securing your people. Frameworks are just as the name suggests, a framework! They are guide rails. They are a measuring stick. They aren’t security.
If you follow NIST to the letter, you’ll still get hacked. If you are PCI DSS Level 1 and have never failed an audit, you’ll still get hacked. Compliance doesn’t equal security.
I’ve seen several people become slaves to the framework to the detriment of their organization’s growth. I’ve heard those same people tell the horror stories of IT teams resenting security due to the over-restrictive nature of their policies, all done in honor of their particular framework.
Again, I go back to what a framework by name truly is: a FRAMEWORK. This means:
Don’t be too stringent in sticking with a single cybersecurity framework.
Do find elements of each existing framework, and adapt it for your policy.
Don’t adapt your organization to a framework.
In other words, if you’re protecting jeans and not nuclear codes, don’t lock down your organization so much that you can’t sell your merchandise.
That said, MITRE ATT&CK falls into a different category of frameworks. Unlike other frameworks, MITRE ATT&CK deals more with the process of finding where to stop an attack at a particular level, before irreparable damage is done. Security analysts can use it to follow an attack pattern and try to stop the attack from progressing. More than 80 percent of enterprises have adopted the MITRE ATT&CK framework to determine security gaps, write policy or perform threat modeling. The framework is a good way to have your security team think about an attack.
But what is better than following a cyberattack through its lifecycle? Stopping it from happening to begin with. Detection is a must, but prevention is ideal, as the old saying goes. I challenge you to find the points of weakness and design preventions to stop the bleeding there.
At Area 1, we stop phishing attacks before they do damage. That is our mission. We take the email vector off the table for an attacker. In terms of applying what we do to the MITRE ATT&CK framework, our goal is to focus on the “Initial Access” stage to prevent attacks from reaching organizations in the first place. That’s why a large part of our technology focuses on massive-scale web crawling and in-the-wild phish indexing to detect the early signs of a phishing attack at its source.
By extension, a strong focus on comprehensive email security will protect your organization from many targeted attacks, the great majority of which start off as a phishing email.
If an attack can’t begin, will a framework still be needed? To measure your readiness and maturity, yes. But to follow an attack through your network? Nope!
In summary, love your security, like your framework. Not the other way around. Fight the good fight, my friends!
If you’d like to learn what makes the MITRE ATT&CK framework useful for email security, and how to adapt the areas of the framework that make the most sense for your organization, check out Kevin’s recent webinar, “Phishing & the MITRE ATT&CK Framework” (where he’s joined by Area 1 Security’s co-founder, Oren J. Falkowitz), here.
Kevin Wilson is a Sr. Product Manager at Area 1 Security. Throughout his 14 years in Cyber Security, Kevin has been an Analyst and Engineer in various organizations such as the U.S. Navy, First Data, and Lowe’s. Previously he served as the Global Information Security Officer at Guess? Inc as well as a Product Manager for McAfee.