Our mission is making INBOX.CLEAN™ a reality: stop phishing attacks — the root cause of 95% of breaches — before they reach users. Get the only solution that preemptively stops Business Email Compromise, malware, ransomware and other advanced threats by discovering and eliminating them before they cause damage.
Email Security has certainly come a long way. With cloud messaging now the standard versus the legacy on premise approach (Lotus Notes anyone?) the strategy of securing these clouds has also experienced a revolution.
Area 1’s cloud-native SaaS solution supports three key use cases: preemptive anti-phishing across all threat vectors (email, web, social, network); cloud email security / SEG replacement; and phishing security automation for SOC teams.
Area 1 is a Microsoft Certified Partner and a Google Cloud Security Technology Partner of the Year. We also integrate with a number of SIEM, SOAR, SEG and firewall technology providers to fit your unique infrastructure. Learn More
FIND A CHANNEL PARTNER
Work with trusted cybersecurity experts across the globe to secure your business. Learn about our partnerships with Legato Security, Optiv, SADA Systems, SYNNEX and others. Channel Partners Become A Channel Partner
At Area 1, we’ve been fighting phish as a distributed team since our founding. While our HQ is in Redwood City, Calif., our team includes several prominent engineers in other states, coasts, and countries! Making this distributed set-up work well is part of what helps us deliver great product and service to our customers. Below, I highlight three practical ways our team leverages Slack to make distributed engineering easier.
1) Reduce friction through … Reaction Emojis?!
The hardest part about being remote is quickly making a decision, confirming buy-in, and letting everyone know about that decision.
Our team members (geographically dispersed since 2014) first post proposals in Slack. Our convention is to start with a bold “proposed,” followed by the details of our suggestion (like writing this blog!). :plus: and :heavy_minus_sign: symbols are used for voting. Generally, we block if someone posts a minus sign, and that person threads their feedback on why we should hold off. When the proposition is in progress, a :wrench: or :gear: icon lets everyone know the work has begun. A :white_check_mark: lets everyone know it’s complete.
This simple workflow lets us quickly make many group decisions every single day, with a minimum amount of effort spent communicating, but with the benefits of a larger team discussion. The proposer gets a burst of confidence when others agree with their plan, and gains a sense of who’s available to support them if unexpected issues arise and help is needed. The biggest benefit is less friction, and more results for our customers.
2) A threaded triage channel
We create specific #channels dedicated to responding to escalations. On-call teams are put into Slack groups and receive notifications from these #channels when appropriate. Our CTO, Phil Syme, wrote a little bot to keep our PagerDuty groups in sync but, most importantly, we keep each escalation to one top-level message and handle follow-ups as a thread of that message. This process keeps the channel clean (easier to look back at events), the notifications minimal (as only people in the thread get notified for sometimes long conversations), and prevents items from getting missed. We use the same approach for monitoring alerts and customer escalations — it really reduces the strain of support!
Reaction emojis are key — a quick :eyes: by the first responder lets other people know who’s on the case, and prevents overlapping efforts from multiple people working on the same issue.
3) Effective build notifications!
We let our CI tool Slack us for key production events, with links to the actions so we can proactively cancel or click on to track closely. That way everyone knows what our robots are up to, and can veto any action that’s about to take place. A short delay built into the job gives enough of a window to respond, but lets actions proceed without manual intervention. The appropriate on-call team is tagged so that priority messages aren’t missed. We really avoid @channel messages.
Without a communication process to let new ideas, immediate needs, and task priorities flow smoothly and quickly, we’d be missing out on the incredible talent of our diverse and distributed cybersecurity engineering team. Some simple Slack routines enhance productivity and strengthen our team so we can stay focused on blocking phishing attacks.
A streamline proposal process captures new ideas that can be voted on and debated fast, moving individuals’ suggestions into production
Threads for triage allow for immediate response time and happy customers
Notifications can provide a useful time buffer to act on last minute priorities without affecting automated deployments
If you’re a Slack emoji pro and interested in joining an engineering team that helps hunt bad actors on the Internet, please connect with me on LinkedIn or visit our Careers page.
Issa Ashwash is Area 1’s Director of DevOps. Aside from Slack and stopping phish, he enjoys bad music (especially electronic pop remixes), short walks on sandy beaches, and everything automation.
Want to keep up to date with the latest phishing trends?
Business Email Compromise (BEC), also sometimes referred to as email account compromise (EAC) or vendor email compromise (VEC), is a type of phishing attack that takes advantage of an existing relationship between a victim and organization.
https://www.area1security.com/wp-content/uploads/2022/04/BlogEmailBanner_BECAttackType_2022APR14.png13072500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-04-18 10:07:242022-04-28 08:48:24Understanding the Four Business Email Compromise Attack Types
Dear America’s sports-loving, company-securing fans: Before you find yourself glued this weekend to (what some call) THE biggest game in college basketball history, we are here to crown the 2022 March Hackness winner!
https://www.area1security.com/wp-content/uploads/2022/03/Champion-Banner_2.png10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-31 06:00:292022-04-28 08:49:23Area 1 Security Announces the Most Spoofed Brand of 2021
Area 1 Security’s Sixth Annual March Hackness: The Perfect Phishing Bracket is here! Learn who made the list of the top brands that attackers use in phishing lures.
https://www.area1security.com/wp-content/uploads/2022/03/SocialBanner_Blog_MarchHackness2021_2500x1000-Copy-2.jpg10002500Elaine Dzubahttps://www.area1security.com/wp-content/uploads/2022/04/Cloudflare-A1S-Logo-1-1.pngElaine Dzuba2022-03-26 20:45:192022-04-28 08:51:272022 March Hackness: The Return of the Phishing Bracket