Securonix Releases Phishing Analyzer Based on COVID-19 Advanced Threat Research

Securonix Extends Remote Workforce Monitoring Capabilities with Phishing and Business Email Compromise Solution Powered by Machine Learning-Based Visual Similarity Analytics

Addison, Texas – May 6, 2020 – Securonix, Inc., a leader in next-generation SIEM, today released the Securonix Phishing Analyzer capability, powered by machine learning-based visual similarity analytics. An extension of Securonix’s Remote Workforce Monitoring solution and designed by Securonix’s COVID-19 Task Force of data scientists, threat researchers, and detection engineers, the new solution enables organizations to detect advanced phishing and business email compromise (BEC) threats.

In conjunction with the announcement, the Securonix COVID-19 Task Force has released its latest Cyber Threat Update. The update details active phishing and business email compromise threats global enterprises are currently facing, driving the release and functionality of the new Securonix Phishing Analyzer.

“Phishing and BEC attacks are on the rise as attackers are using the fear and anxiety of COVID-19 to target victims. The challenge is that most of the related attack domains are new and have not been blacklisted or categorized as malicious,” said Nanda Santhana, SVP, Cyber Security Solutions, Securonix. “By combining the intelligence of our Threat Research Team and COVID-19 Task Force, with the advanced detection capabilities of machine learning-based visual similarity analytics, our new solution enables organizations to identify and avoid today’s advanced threats.”

Since January, more than 72,000 domains have been created mentioning “coronavirus,” “COVID,” and “COVID-19”. Securonix’s Phishing Analyzer is designed to identify visually similar emails at scale with a minimal false positive rate. The solution leverages a modified Levenshtein distance algorithm to detect:

  • Typosquatting Phishing Attacks: malicious attackers use domain names that are spelled differently from the established name, but use the same character set (e.g. Securonix, Securonlx, Secur0nix). The Securonix visual similarity algorithm calculates the similarity score for each business domain with thresholds that are adjustable to minimize false positive rates.
  • Business Email Compromise (BEC): BEC attackers use the identity of a recognized individual on a corporate network to track targets and lure them to respond with sensitive data or financial transactions. The Securonix algorithm analyzes email sender information against legitimate employee and email sender information to detect malicious activity by consuming organizational HR data including first name, last name and titles. The solution also has the ability to build a chain of command to specifically prioritize email compromise attempts for executives.
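
To make the typosquatting bullet concrete, the following is an added example, not Securonix's algorithm (this release does not give its details), of an edit distance modified so that look-alike character swaps cost less than ordinary substitutions. The confusable pairs, the costs, the threshold and all function names are assumptions made for the illustration.

```python
# Added illustration: visually weighted Levenshtein distance for look-alike domains.
# The confusable pairs, the 0.2 substitution cost and the 0.85 threshold are
# assumptions chosen for this example, not values from Securonix.
CONFUSABLE = {frozenset(p) for p in ("il", "l1", "i1", "o0", "s5", "b6", "g9", "z2", "uv")}
CONFUSABLE_COST = 0.2


def sub_cost(a: str, b: str) -> float:
    """Cost of replacing a with b: free if equal, cheap if they look alike."""
    if a == b:
        return 0.0
    return CONFUSABLE_COST if frozenset((a, b)) in CONFUSABLE else 1.0


def visual_distance(s: str, t: str) -> float:
    """Levenshtein distance in which look-alike substitutions are cheap."""
    s, t = s.lower(), t.lower()
    prev = [float(j) for j in range(len(t) + 1)]
    for i, a in enumerate(s, 1):
        cur = [float(i)]
        for j, b in enumerate(t, 1):
            cur.append(min(prev[j] + 1,                     # delete a
                           cur[j - 1] + 1,                  # insert b
                           prev[j - 1] + sub_cost(a, b)))   # substitute
        prev = cur
    return prev[-1]


def similarity(s: str, t: str) -> float:
    """Score in [0, 1]; 1.0 means identical after lowercasing."""
    longest = max(len(s), len(t)) or 1
    return 1.0 - visual_distance(s, t) / longest


def flag_lookalikes(sender_domains, protected, threshold=0.85):
    """Return (sender, protected, score) for near-matches that are not exact."""
    hits = []
    for d in sender_domains:
        for p in protected:
            score = similarity(d, p)
            if d.lower() != p.lower() and score >= threshold:
                hits.append((d, p, round(score, 3)))
    return hits


# Constructed sample input: domain labels only, no TLD handling.
SAMPLE = ["securonix", "securonlx", "secur0nix", "securonics", "example"]
if __name__ == "__main__":
    for hit in flag_lookalikes(SAMPLE, ["securonix"]):
        print(hit)
```

Raising the threshold trades missed look-alikes for fewer false positives, which is the adjustment the bullet above describes.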

“In a remote workforce environment, employees don’t have the luxury of walking down the hall to discuss the validity of a suspicious email with colleagues appearing to come from a company executive or trusted source,” said Igor Baikalov, Chief Scientist, Securonix. “With our new Phishing Analyzer, threat intelligence data and data from the global Securonix customer network powers highly accurate machine learning decisions on phishing and BEC threats that are proactively applied across organizations through Securonix’s SaaS-based deployment model.”

About Securonix

The Securonix platform delivers positive security outcomes with zero infrastructure to manage. It provides analytics-driven next-generation SIEM, UEBA, and security data lake capabilities as a pure cloud solution, without needing to compromise. To learn more about Securonix, its products and services, visit or follow us on LinkedIn, Facebook and Twitter.



Jake Schuster

fama PR for Securonix

(617) 986-5021
