Machine Learning Capabilities

Machine Learning capabilities using the Phishing Classifier and automations.

The following table describes the available machine learning features and scripts, grouped by its use case.

Feature	Description	More Information
Phishing Classifier	Enables you to train a machine learning model based on your own phishing incidents. The trained model can provide predictions. You can Create a Machine Learning Model, use the Phishing Classifier Demo, and Train a Phishing Classifier on Non-English Languages	Machine Learning Models Overview
FindDuplicateEmailIncidents	This automation finds duplicate past phishing incidents, even if a a few words are different between emails. It helps you to handle duplicate phishing incidents more easily.	Install the Phishing Content Pack, which includes the automation.
FindEmailCampaign	This automation identifies email campaigns, by finding past phishing incidents with high text similarity. If a phishing campaign was found, the output concentrates details regarding the campaign, such as, when it occurred, whether it involved senders and recipients, mutual indicators, email summary, etc. It provides an immediate detailed background (if found) for a given phishing incident.	Install the Phishing Campaign Content Pack, which includes the automation.
DBotFindSimilarIncidents	This automation finds past similar incidents based on incident fields similarity. It also includes an option to display indicators similarity. The model aims to detect similarity through text or JSON, even if the value is different. The automation provides the user with these details. For details, see DBotFindSimilarIncidents Script	Part of the Base Content Pack.
DBotPredictURLPhishing	This automation ingests data such as the screenshot and HTML of a web page, URL syntax, and domain information, and predicts if the URL is a phishing attack. For details, see DBotPredictURLPhishing Script.	Part of the Phishing URL Pack.