Built for MSPs · AI-powered analysis

Every phishing report.
Analysed in seconds.

PhishNet automatically processes every email your clients flag. AI verdict, IOC extraction, Mimecast rules, and one-click remediation — before your tech finishes their coffee.

Request access → See how it works
PhishNet Analysis · PN-9F2C41
PHISHING
Living-off-trusted-services · DocuSign impersonation
97%
  • Sender domain docu-sign-secure.net is a typosquat — registered 11 days ago, WHOIS privacy, zero prior reputation
  • SPF: FAIL · DKIM: FAIL · DMARC: FAIL — all authentication checks fail
  • Embedded link redirects to credential-harvesting page, not DocuSign infrastructure
  • High-urgency language: "contract expires in 24 hours" — classic social engineering pressure tactic
38s analysis time
emails analysed
avg. processing time
realtime stats · updated live
Avg. AI confidence
Threats detected
Confirmed phishing caught
9+
Security tool integrations
How it works

From report button
to remediated — automatically.

Huntress forwards phishing reports straight to PhishNet. No manual triage. No missed emails.

01 / INGEST
Client reports phish
End users click the "Report Phish" button in Outlook, or just send the email in. The notification email arrives at PhishNet automatically — no configuration required per user.
02 / ANALYSE
AI analyses everything
PhishNet parses the 3-layer .msg structure, extracts headers, IOCs, and URLs, checks VirusTotal and urlscan.io, then runs AI analysis with your custom context injected.
03 / ACTION
Technician acts — or it's automatic
A full report lands in your team's inbox with one-click remediation. Above your confidence threshold? Auto-block fires via Mimecast, Umbrella, SentinelOne, or any connected tool.
Capabilities

MSP-grade analysis.
Not just spam detection.

Impersonation detection
Live Azure AD lookup checks display names and subject lines against real employee names — catching CEO, CFO, HR, and IT impersonation even before your team sees it. Heuristic fallback when no AAD connector is configured.
Living-off-trusted-services
Detects attacks abusing DocuSign, Stripe, SignNow, PayPal, and other trusted platforms. The AI understands that a legitimate-looking sender can still be malicious when the underlying link infrastructure doesn't match.
Security tool automation
Connects to Mimecast, Cisco Umbrella, SentinelOne, Microsoft Defender, CrowdStrike, Sophos, Barracuda, and Webroot. Block, quarantine, or purge across all your clients' environments with per-client API key management.
Anonymous threat sharing
Opt-in network of PhishNet MSPs sharing confirmed malicious IOCs. Source MSP identity is never revealed. Auto-block only fires after the originating technician manually actions the threat — no surprise blocks.
Privacy by design
Privacy mode purges reporter identity, email body, and recipient data after case closure. IOCs are always retained. Azure AD data is never written to disk — live lookup only, discarded after each analysis.
Mimecast rule recommendations
Every phishing report includes exact Mimecast admin console paths and the specific rules to create. Your technician gets a copy-paste-ready remediation checklist, not a vague threat description.
Pricing

No overage fees. Ever.

When you hit your monthly limit, processing pauses until your cycle resets or you upgrade. No surprise bills, no per-email charges.

Starter
C$89/mo
Billed every 28 days · Annual: 13 periods for 12
100 emails / period
  • Full AI analysis on every email
  • Up to 3 security tool integrations
  • 2 technician accounts
  • MSP admin portal
  • Mimecast rule recommendations
  • Email reports with IOCs
  • Privacy mode
Request access
Professional
C$189/mo
Billed every 28 days · Annual: 13 periods for 12
400 emails / period
  • Everything in Starter
  • Unlimited tool integrations
  • 10 technician accounts
  • Azure AD connectors
  • Threat intelligence sharing network
  • Campaign detection & fingerprinting
  • Monthly PDF reports
  • Custom AI instructions
Request access
Enterprise
C$379/mo
Billed every 28 days · Annual: 13 periods for 12
1,000 emails / period
  • Everything in Professional
  • Unlimited technician accounts
  • Priority support
  • Custom billing cycle
  • Dedicated onboarding
  • SLA agreement available
Request access

Need more volume? Contact us for a custom plan →

ROI Calculator
Estimate your monthly savings and find the right tier
Phishing reports per month 150
106001,200+
Minutes per investigation (without PhishNet) 35 min
5 min45 min90 min
Technician cost $65/hr
$20/hr$60/hr$100/hr
Savings assume PhishNet reduces per-email investigation to ~3 minutes (reviewing the AI report and clicking action buttons). Your actual savings may vary.
Starter
Up to 100 reports / period
C$89/mo
✓ Recommended
Professional
Up to 400 reports / period
C$189/mo
✓ Recommended
Enterprise
Up to 1,000 reports / period
C$379/mo
✓ Recommended
Custom
1,000+ reports / period
Let's talk
✓ Recommended
Estimated monthly savings
C$0
Get started with PhishNet →

You're processing 0 reports/month — that's serious volume. We'd love to build something that fits. Custom pricing, dedicated onboarding, and an SLA tailored to your needs.

Let's chat →

Get access to PhishNet.

We're currently onboarding a select number of MSPs. Leave your details and we'll be in touch within 2 business days.

No credit card required. We'll be in touch within 2 business days.

✓ Request received — we'll be in touch soon!