PhishLabs Enhances Email Incident Response with Threat Intelligence and SOAR

PhishLabs Enhances Email Incident Response with Threat Intelligence and SOAR

New capabilities provide proactive and automated protection against threats that bypass email security technologies.

Charleston, S.C., June 18, 2018 — Today, PhishLabs announced the general availability of Email Threat Intelligence and SOAR (security orchestration, automation, and response) as part of the company’s Email Incident Response service. These new capabilities detect, prevent, and respond to phishing attacks that bypass email security technology and reach employee inboxes.

According to the 2019 Verizon Data Breach Investigations Report, phishing is the top threat action associated with breaches and 94 percent of malware incidents involve malware delivered via email. Common email security controls are not enough to protect against phishing threats such as business email compromise (BEC), spear phishing, account takeover attacks, and other sophisticated social engineering methods.

“For more than a decade, PhishLabs has been detecting and responding to phishing threats targeting leading enterprises,” said Tony Prince, CEO of PhishLabs. “Our new Threat Intelligence and SOAR capabilities are preventative and can stop threats that are not blocked by email security technology.”

“We analyze millions of user-reported messages every day across our client base, which puts us in a unique position to see the threats that get through to enterprise employees,” said John LaCour, Founder and CTO of PhishLabs. “Email Threat Intelligence and SOAR make the most of that crowdsourced visibility to automatically remove threats before employees interact with them.”

PhishLabs’ Email Incident Response service consists of:

  • Suspicious Email Analysis, which provides 24/7 expert triage and analysis of threats reported by employees.
  • Email Threat Intelligence, which delivers threat indicators via API that are crowdsourced from malicious emails observed in user inboxes across our client base.
  • SOAR, which provides automatic detection and removal of malicious emails, including those that have not been reported by employees.

Email Threat Intelligence provides expert-verified indicators specific to threats that have bypassed email security stacks in enterprise organizations. Enterprises can enhance their protection against these threats by integrating Email Threat Intelligence into their existing security technology stack. Email Threat Intelligence is delivered via API in JSON, flat file, and STIX formats for consumption by third-party TIP, SOAR, SIEM, Network Security, Email Security, and Web Security platforms.

PhishLabs’ Email Incident Response SOAR uses Email Threat Intelligence to proactively protect against malicious emails, including those that have not been reported by users. SOAR inspects emails in motion and at rest, continuously hunting for threat indicators. When detected, malicious emails are automatically removed from user inboxes to prevent interaction.

To learn more about PhishLabs Email Incident Response, visit


About PhishLabs

PhishLabs partners with enterprises to protect against cyber threats that exploit employees, customers, and brands. By addressing social engineering attacks across email, social media, web, mobile, and SMS channels, PhishLabs reduces the risk posed by phishing. Top enterprises rely on PhishLabs to protect against stolen credentials, malware, brand abuse, and online fraud.

To learn more, visit and follow @phishlabs.


PhishLabs is a registered trademark or trademark of Ecrime Management Strategies, Inc., in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Media inquiries:

Stacy Shelley
+1 843.329.7824