Q: Does the incident responder violate the user privacy?
Q: Can we centralise the distribution of add-in?
Q: Are the emails sent by users for analysis securely stored on the server?
Q: Can an Attacker hijack Outlook Add-in?
Q: Can I integrate this solution with the security products I have?
Q: How can our audit teams oversee and control the people and their operations that govern the Keepnet interface?
Q: How do you report the incidents analysed, investigated and responded?
Q: If the reported email is appeared to be non-malicious, can we send an e-mail the user stating that the email does not contain any threats?
Q: If the suspicious email analysed is malicious, can we delete this email from the inboxes without any intervention?
Q: Does the app have ArcSight integration? (For logging of events such as phishing mail/deletion etc.)
Q: During the installation, we considered one email as suspicious and made an analysis. We would also like to test whether the server resources are sufficient for more than one analysis or in different scenarios. How can we move on?
Q: When we search for suspicious mail from the Incident Investigation tab, we have to wait too long. How can we shorten this time?
Q: How to a suspicious email is analysed by VirusTotal? Are the file hashes sent to VirusTotal, or does the application has its own file analytics?
Q: How do you analyse the emails? Which tools are used for analysis?
Q: What are the meaning of Active and Passive in the Phishing Reporter Add-in Section?
Q: How does the platform store reported suspicious email's attachments?