Cisco customers with Email Security Appliances (ESA) or Cloud Email Security (CES) accounts already know the benefits of Cisco’s email filtering. Every day, millions of malicious emails are automatically sent to the trash bin, and obnoxious spam messages are sequestered in the Junk folder. Despite this, the persistent nature of bad actors means this is easier said than done, and occasionally emails are classified incorrectly. Now you can help us improve our detection by reporting spam, phishing, and wrongly-classified legitimate email (ham) our algorithms have not identified correctly.
Customers can suggest classifications for emails either through the Cisco Security email plug-in or by directly emailing the appropriate classification address with the email sample attached. Customers who take advantage of this opportunity have the ability to view any email samples they have submitted for classification. Administrators can see all email samples submitted through their email domain, giving them unique insight into their network’s email traffic. Previously known as the Email Submission and Tracking Portal, the new Cisco Talos Email Status Portal lives on Talosintelligence.com and offers a more robust experience, including streamlined management for admins and new reporting features.
As part of a recent update, the Portal Submissions page now includes a set of observables to deepen user insight into the origin and context of the emails submitted to Talos, including the original sender’s domain and IP address, embedded URLs, and embedded attachments.
This will allow defenders to view even more information about the emails Talos processes and gain specific intelligence around prolific campaigns that may be targeted toward your network.
By sending an email to Talos, you can now analyze what we see for the reputation of each embedded URL, the disposition of an attachment to an email, or the reputation score for the sender's IP and domain. You may dispute these results using our support portal simply by pressing a button. You may also take the information found in the portal and head over to SecureX to investigate any artifacts in your network.
Looking for "How-to Submit" assistance? Please see our Cisco Secure Email Submission Add-in guide!
The portal provides a clear and simple interface for users to manage the domains associated with their company and ESA or CES account. Domain Admins can now perform bulk actions for Users and Permissions, such as upgrading, suspending, approving, or denying several users' permissions at a time.
Check out the new portal by logging into talosintelligence.com with your Cisco ID.
Blog posts, made available from our friends at Cisco Talos:
Updated about 1 month ago