It was a beautiful summer morning when Tracy Kelpman, Sharepoint's lead engineer, got to her office. The sun was shining and the birds were singing. All was right in the world. Until she opened her laptop and saw that critical files within her company's Sharepoint server had been leaked to their biggest competitor.
Her heart sank as she realized that there had been a misconfiguration introduced to the company's Sharepoint platform.
She quickly began investigating the incident, introducing ThreatKey's powerful tools to perform a root cause analysis.
She quickly determined that the incident had been new introduced by a new member of the IT staff changing settings within Sharepoint. When she spoke to the new employee, however, they knew nothing of the incident. She eventually determined that the employee had been phished.
Tracy was able to quickly contain the damage and restore the platform to its previous state. But she was not content to simply sit back and wait for the next attack. She wanted to figure out how they had been phished.
ThreatKey had allowed her to realize that the phishing attack had been possible because one of the anti-phishing rules had been removed from the platform, which allowed the sophisticated attack to slip through. The attacker impersonated a vendor of the employee with an incredibly targeted spearphish. ThreatKey helped stop further attacks by helping Tracy reintroduce the rule and monitor for any future violations, immediately creating a high severity incident.
All was right in the world. Tracy had saved the day.