Updates to Dashboard and Supply Chain
The next time you log in to OnINBOX Manager, you will notice that we’ve split our Supply Chain page into 2 pages - the Dashboard page that provides an overview and analysis of your inbound email, and a Supply Chain page, where you’ll find data that is specific to your vendors.
To find out more about these changes, keep reading!
The new Dashboard page is split into a number of sections.
Across the top of the page, Filter All Traffic provides easy insight into the number of emails received and reported by domain name, date, and time.
Just underneath here, there will be a brand new view called Actionable Overview, scheduled to be released to all users in the coming weeks. This provides a quick overview of the state of your organization’s inbound email security, including
The most commonly experienced attack vector you were exposed to in the selected time period (in the example below, the vector is credential harvesting)
Vendors with insecure DMARC
Vendors with insecure TLS
Which attachments contained malware and/or viruses
When it comes to the ACT donut charts, their design and functionality have been enhanced.
The different sections of the donut are now clickable and will filter all vendors for each section within the donut, for example, by clicking on the red portion of the Authentication donut, you will see a list of all the vendor domains that failed authentication.
The email security section will break down all the emails you have received and display their DMARC status. This will allow you to filter by the various DMARC policies:
The Reported Emails section displays the last 5 emails you received reports on. From here, you can action these reports by selecting the row of each report which will take you directly to the report page.
You are able to review the same filtered reports by selecting each section within the pie chart.
The Supply Chain table that was previously displayed at the bottom of the Dashboard page has been upgraded to its very own menu item.
With the amount of critical data we are exposing to our customers, we felt that splitting the Supply Chain from the Dashboard was logical and would make for easier navigation. The Dashboard view continues to function as an “at a glance” breakdown of your inbound email security. The Supply Chain page now specifically focuses on your vendors’ email security, allowing much deeper digging into and filtering of your organization’s supply chain.
The Actionable Overview described above will be available shortly.
The All Traffic table is the same as it was previously with the exception of TLS being an absolute number. This will now inform you of the number of insecure emails you received from a domain.
Please note that between late November 2022 and early January 2023 there will be ongoing changes and additions to this page, including the addition of a vendor’s email and web configuration overview (data that is provided by the latest product on the Red Sift Platform, Hardenize), a breakdown of your user’s interactions by vendor, a security scorecard of the vendor’s risk, and more!
TLS is a cryptographic protocol that provides end-to-end security of data sent between applications over the internet most commonly used in email. We will be identifying and reporting any insecure emails sent to you.
Compromised attachments: When an encrypted attachment is sent to you, the password is typically sent in another email or via text message or a phone call. When a phishing attack is taking place, you will be sent the attachment and the password in the same email. So, we will be looking at unique words within an email and will attempt to forcefully open attachments. If OnINBOX succeeds in doing so we will notify the end user of this and state in a banner that this is a typical phishing attack and unless you trust this user implicitly we advise you should not open this attachment.
Links within attachments: OnINBOX will now scan links within attachments and will identify if the link is malicious in some form and will notify the end user. When we identify malicious links we will do the same as Link Guard. The only difference here is that we are not able to rewrite the URL within the attachment we will simply explain within the banner that the attachment has potentially malicious links and to proceed with caution.
Malware and virus scanning: OnINBOX will now scan all attachments for malware. As stated above for compromised attachments, if we are able to open an encrypted attachment we will also scan it for malware. The end user will see a red banner that will tell them the attachment contains a virus, to not open it, and to report the email to their Security Operations team.
Credential harvesting emails are a common way of obtaining your personal information, for example, by asking you to click on a link to reset your password. OnINBOX uses NLP technology to determine whether you are being asked to reset your password. It also identifies whether the domain source is legitimate and if it is not, will continue to process the email by taking screenshots and analyzing it for a company’s logo. If this comes back as false, a banner will inform the user that this is an impersonation attempt, to not click the link in the email, and to report it to their Security Operations team.