Announcing PhishFinder!

Ryan Sears
Nov 13, 2017 · 9 min read

How We Got Here

PhishFinder started, like any decent idea, as a solution to a problem I’d encountered many times before. In a previous life I worked as a security engineer for a larger organization, which meant it was my job to clean up and conduct forensics on more phishing campaigns than I care to remember. These varied significantly, ranging from adversaries who are hilariously bad to absolutely terrifying. Our size was a bit of a doubled-edged sword — being large meant we were able to build out analytics and alerting pipelines to help find “the bad”, and it also meant we had a healthy budget to buy things like FireEyes and email gateways to harden our defenses. Unfortunately, it also meant that we had a never-ending deluge of products marketed towards us — the majority of which were ludicrously expensive, mind-numbingly annoying to use, or generally just some people selling snake oil using the buzzwords-du-jour to peddle their wares.

Step 1. Print 1,000 of these as stickers | Step 2. Go to RSA 2018
Pictured above: The Silicon Valley guidebook on security.

It’s Time For Something New

We have a grand idealistic vision of an ecosystem of security products built to be affordable for anyone, in a way which offers real protection, and enables you to get back to whatever it is your organization is doing. We, like any good security team, are here to help you succeed, and the first iteration of this idea is PhishFinder, a platform that aims to bring practical and affordable phishing protection to any organization that needs it.

We make products that are straight-to-the-point and beautiful
While *you* might spot the difference, there’s approx. 100% chance someone in your org won’t.

A Peek At The Pipeline

We feel that transparency is important, especially when it comes to security products, and how PhishFinder finds malicious actors is no different. We want to give you more technical folks more detail on how we operate with the hope that you can make the decision to subscribe based on a clear understanding of what value we bring to the table, not some marketing material designed to BS you into forking over your credit card.

Data goes in, security comes out. You can’t explain that.
  1. Enrichment: Next, for any domains that we’ve generated, we gather as much data as we can about it. We scour the internet looking for indicators of malicious activity, fingerprinting services, parse and store page content, and whois information, and also solicit multiple RBL/spam lists and apis to help inform our analysis engine. We also get a screenshot of the page so you never have to visit the page in question to see what’s going on with it.
  2. Analysis: We then take all the data we’ve gathered and feed it into our analysis engine, which scores the overall footprint of the domain with a multitude of indicators, producing an aggregate score we track over time.
  3. Action: Once we’ve either found something new that we can confirm with a degree of certainty is malicious, or the risk score has passed a specified threshold for a domain we already know about, we trigger an action. As of right now this is only in the form of alerting, but the next big push on our public roadmap is to do active prevention as well, targeting Google Apps and Exchange as the first two integrations.

Our Pricing

One of the pieces of feedback I’ve received thus far in talking with people about PhishFinder is that my initial target pricing is far too low for the value we’re providing, especially juxtaposed with the current market of security products. This is done with great intention. Our top goal isn’t just to shake money out of people, instead we measure our success based on the impacts we have with businesses and the greater security community as a whole. I’m sick of companies being phished and not being able to do anything about it, and much more sick of people selling products for a small fortune that vastly over-promise, and under-deliver.

Simple, straightforward, and affordable

With That, We’re Officially Launched!

Pictured above: Cali Dog Security watching our analytics today (not really)

Cali Dog Security

A small software company based in the heart of silicon valley with the aim to make security products hassle-free and ubiquitous. Focusing on a strong user experience and quality engineering, we build tools that solve problems no-one else has tackled before.

Ryan Sears

Written by

Founder of Cali Dog Security & builder of things.

Cali Dog Security

A small software company based in the heart of silicon valley with the aim to make security products hassle-free and ubiquitous. Focusing on a strong user experience and quality engineering, we build tools that solve problems no-one else has tackled before.