Cofense has introduced Vision 3.0, the newest upgrade to its Phishing Threat Detection and Response (PDR) platform. The release enhances incident response by providing security teams with instant visibility into how users engage with phishing emails that evade perimeter defenses, enabling faster and more intelligent action.
Building on the popular “Who Opened” feature, the latest “Who Clicked” update allows analysts to see whether a user opened a malicious message, clicked a link, downloaded a file, or connected to a suspicious domain, all in real time. This enriched behavioral context allows teams to isolate threats, reset credentials, and guide follow-up action without delay or guesswork.
The release also introduces full support for hybrid deployments, enabling organizations to run Vision across both on-premise and cloud infrastructures. This added flexibility ensures that security teams, regardless of architecture, can achieve consistent, scalable protection and response across complex environments.
Human Oversight Remains the Top Defender
In 2024, the Cofense Phishing Defense Center detected a malicious email every 42 seconds, a 26% increase from the previous year, driven in part by threat actors using generative AI to launch attacks. Many vendors counter with AI-based automation, but these often mirror the limitations of in-line gateway filtering. Missed emails are sent to abuse mailboxes, where automated tools attempt to catch what was missed—still relying on the same flawed foundations. These “black box” systems lack transparency, making their decisions difficult to explain or audit.
Cofense takes a different approach: our intelligence comes from over 35 million users worldwide, spanning environments protected by multiple SEG and ICES solutions. This global, crowd-sourced perspective allows us to spot the “post-gateway” threats others overlook. Every detection is backed by human curation for unmatched accuracy. The results speak for themselves: Cofense Auto-Quarantine stops threats that evade other defenses, adding a transparent, intelligence-driven layer of protection that closes the AI email security gap.
“Human-vetted intelligence is critical to effective cybersecurity,” said Jason Meurer, Senior Technical Product Manager at Cofense. “Cofense combines supervised AI with real-time threat intelligence sourced from over 35 million trained users, delivering rich insights that drive early detection and rapid defense. With Vision 3.0, analysts gain immediate visibility into exactly who engaged with a threat before it was quarantined—enabling swift, targeted actions like endpoint isolation, credential resets, and user-specific remediation. This includes addressing sophisticated threats such as .ICS-based calendar phishing, where Vision’s new Calendar Quarantine feature identifies and neutralizes malicious events auto-generated in Exchange, reducing user exposure before damage is done.”
Vision 3.0 combines real-time indexing with rapid IOC identification to detect and contain threats that SEGs and ICES miss. From initial detection to full remediation, every phase of the incident response cycle is accelerated, with insights that strengthen the human layer and support long-term resilience.
Learn more about the Cofense Vision 3.0 Phishing Threat Detection and Response (PDR) platform here.
Related News:
