WhiteMailブログ
メールセキュリティとエージェント型AIについての私たちの考え。
- #BEC#agentic-ai#email-security
The most dangerous email attacks don't look malicious at first
The hardest threats to catch come from trusted senders, inside real conversations. Here is how WhiteMail’s WhiteHat investigates context — on every email, in real time — when attacks are built from context, not patterns.
続きを読む → - #trends#agentic-ai#soc
Trend — the AI-native SOC: from automation to autonomous investigation
A decade of security automation just ran human-written rules faster. The next step is different: the machine performs the investigation, not the playbook — the judgment, not the steps.
続きを読む → - #explainer#glossary#detection
Security terms explained — what makes an email 'malicious': IOCs, anomalies, behavior, and intent
Detection asks four different questions: does it match known-bad, is it unusual, does it deviate from a behavior pattern, and what is it ultimately trying to make someone do? Modern attacks are caught only by the last one.
続きを読む → - #trends#mfa#aitm
Trend — getting around MFA: MFA fatigue, AiTM, and session-token theft
MFA shut down stolen-password reuse. So attackers stopped going after the password and started going after the approval itself — or the session that comes after it.
続きを読む → - #trends#deepfake#social-engineering
Trend — deepfakes and multichannel social engineering: email no longer arrives alone
A suspicious email, then a phone call in a familiar voice that backs it up. Attackers now weave channels together to manufacture trust — and single-channel defenses fail in the seams.
続きを読む → - #explainer#glossary#phishing
Security terms explained — the phishing family tree: phishing, spear phishing, whaling, BEC, VEC, quishing
"Phishing" is not one word but a family. The narrower the target, the more the payload disappears and trust takes its place. Here is the whole vocabulary, in order.
続きを読む → - #explainer#glossary#email-authentication
Security terms explained — SPF, DKIM, DMARC, and why 'pass' is not 'safe'
One line keeps recurring in these reports: "authentication passed" does not mean "safe." Here is what the three email-authentication standards actually check — and exactly where the gap is.
続きを読む → - #weekly-report#month-in-review
Weekly Security Report #5 — looking back on the first two months
One line runs through every January and February report: threats keep moving away from payloads and toward context. That trajectory explains everything we are building.
続きを読む → - #weekly-report#VEC#BEC
Weekly Security Report #4 — when trust becomes the weapon: vendor email compromise
The most dangerous sender is not a stranger. It is a real account at a real vendor, replying inside a real thread. There is nothing to spoof — the trust is already there.
続きを読む → - #founding-story#explainability
Refusing the black box — why every verdict ships with its reasoning
A system that only says "malicious" makes your analyst re-investigate from scratch. We decided the product is not the verdict — it is the investigation behind it.
続きを読む → - #weekly-report#ai-phishing
Weekly Security Report #3 — the end of catching phishing by typos
Clumsy grammar and spelling were the most reliable phishing tell for a generation. Generative AI erased that signal. The question that survives is the only one that ever mattered: what is this message trying to make you do?
続きを読む → - #weekly-report#quishing#lookalike-domains
Weekly Security Report #2 — QR phishing and look-alike domains
Move the link into a QR code inside an image and it disappears from URL scanners. Add a one-character look-alike domain and the human eye follows it in.
続きを読む → - #founding-story#agentic-ai#shieldai
Building WhiteHat — why four agents, not one model
"Why not feed the whole email into one model and ask if it is malicious?" That is where we started — and here is what we learned about why it was the wrong shape.
続きを読む → - #weekly-report#BEC
Weekly Security Report #1 — BEC didn't go away, it got quieter
The new year is peak season for wire-transfer and account-change fraud. The most dangerous messages we analyzed this week had no link, no attachment, no malware — just a few sentences.
続きを読む → - #founding-story#email-security
Why we started WhiteMail
The email that finally caused the damage was almost never the one that looked dangerous. What if every email got the investigation only a handful receive today? That question is the whole company.
続きを読む →