We currently have a major SEG vendor; however, we aren’t thrilled with it. There are many issues, and support is atrocious: it refuses to treat product bugs as such and wants us to submit feature requests instead. Needless to say, we are looking at alternatives.
It’d be easy to jump to the other major SEG or use our cloud email provider’s solution, but I want to see if maybe there’s been a new player added to the market that has interesting ideas that are better against today’s threats than 2011’s threats and email problems. Agari? Area 1? Darktrace Antigena Email? Any recommendations for a modern SEG?
We’re also looking at Phishing Detection and Response (PDR). Something like KnowBe4 PhishER + PhishML + PhishRip or Cofense. Something that helps automatically triage reported suspicious emails, helps the analyst with their analysis of those that do need human intervention, allows for easily replying to the reporter with a template email response, and removes email from mailboxes and, ideally, also can block senders in the SEG solution.
It would be even better if a SEG vendor also has a PDR solution! As far as a true SOAR goes, we aren’t quite there yet, so we are limiting our search to PDR for now.
Just looking to see how others are tackling these problems today.