Skip to main content

Earlier this month, we enabled the inline AI-powered phishing detection engine in Netskope Threat Protection for all customers, significantly enhancing its capability to block phishing content in real time. 


 


Phishing is one of the most common online security threats. At Netskope, we use cutting-edge deep learning techniques to learn the patterns of phishing websites. Similar to generative pre-training of large language models, such as BERT and GPT, we use a large number of web pages to train the HTML encoder and then use it to build the phishing classifier. We have been awarded three U.S. patents for our innovative approach to phishing detection.


 


We have been gradually rolling out the inline phishing detection engine. The engine has discovered a range of zero-day phishing attacks in customer traffic, including active phishing campaigns targeting Microsoft, Facebook, and so on.


 


How can you tell if a page was blocked by the inline phishing detection engine?


 


On the tenant UI, you will see the following indicators that shows the detection is related to the NS inline phishing engine.




  • tenant UI > Skope IT> Alerts > Alert Details > Malware , Malware name is Gen.DetectBy.NetskopeAI.Phishing



  • tenant UI > Skope IT> Alerts Alert name is Gen.DetectBy.NetskopeAI.Phishing


 


Attached is a screenshot of the tenant UI. Please let us know if you have any questions. 

Be the first to reply!

Reply