The following table describes the available machine learning features and scripts, grouped by its use case.
Enables you to train a machine learning model based on your own phishing incidents. The trained model can provide predictions. You can Create a Machine Learning Model, use the Phishing Classifier Demo, and Train a Phishing Classifier on Non-English Languages
This automation finds duplicate past phishing incidents, even if a a few words are different between emails. It helps you to handle duplicate phishing incidents more easily.
Install the Phishing Content Pack, which includes the automation.
This automation identifies email campaigns, by finding past phishing incidents with high text similarity. If a phishing campaign was found, the output concentrates details regarding the campaign, such as, when it occurred, whether it involved senders and recipients, mutual indicators, email summary, etc. It provides an immediate detailed background (if found) for a given phishing incident.
Install the Phishing Campaign Content Pack, which includes the automation.
This automation finds past similar incidents based on incident fields similarity. It also includes an option to display indicators similarity. The model aims to detect similarity through text or JSON, even if the value is different. The automation provides the user with these details. For details, see DBotFindSimilarIncidents Script.
Part of the Base Content Pack.
This automation ingests data such as the screenshot and HTML of a web page, URL syntax, and domain information, and predicts if the URL is a phishing attack. For details, see DBotPredictURLPhishing Script.
Part of the Phishing URL Pack.