PIXM Security has a motto: “Clickers are going to click.”
The company aims to save users from themselves with zero-day phishing protection through a browser extension, says company founder Chris Cleveland. PIXM is making its first foray into the channel with the launch of an MSP program at both last week’s DattoCon in Miami and this week’s IT Nation Connect, taking place November 6-8 in Orlando, Florida.
PIXM uses AI computer vision to protect users right in the browser the moment they click on a link. It also prevents threats from stealthy spear phishing links that users click in their email box.
Cleveland likens the solution to the computer vision-based camera in a Tesla that alerts the driver when they veer outside the lane. “Computer vision is about doing that in the browser and saying, ‘Hey, this looks like a Bank of America login page or this looks like a Microsoft login page, but it’s a fake one … So the whole concept was about proactively identifying zero-day, brand new phishing attacks when they’re launched.”
PIXM takes a different approach from email-based anti-phishing solutions, Cleveland says, because hackers are targeting users in other ways too. “A hacker looks at an organization and says the corporate mailbox is super well-guarded … so they’re delivering phishing links through text messages, through QR codes, maybe a LinkedIn message where they’re sending attachments, PDF files, Word documents that have links that get clicked. So the ways that hackers can deliver a malicious login page to end users, there’s lots of them that are outside of the inbox. Because we work in the browser, instead of being plugged into email, we’re a much broader protection. If a user clicks on a link, no matter where it is, it gets opened in the browser. … We isolate them from the page, and show them a big splash alert so that they go back to safety and don’t enter their credentials.”
Why It’s Suited For MSPs
Founded in 2015, PIXM has “been quietly growing as an OEM, white labeling our solution to companies in the education space,” Cleveland says.
For MSPs, the PIXM solution can be “easily deployed and create value,” he says. It has been a multitenancy product from day one, he notes. “When you deploy this, you can see reporting across all of your different organizations. So if you manage 10 different customers, and you’ve got a user that clicks on a phishing link, you can see all of that threat data across the different customers one by one or altogether.”
MSPs can deploy PIXM via a Windows, Mac, or iOS installer. “They can push this out just like any other application. And then it runs and operates as a browser extension. So it’s literally a plugin for Chrome, Firefox, Microsoft Edge. All the major browser platforms could be pushed out in a matter of minutes using the device installers.” He notes that PIXM does not currently support Android.
The solution also includes reporting, enabling an MSP to show value, Cleveland says. “So when Joe from accounting at this organization clicks on a phishing link, the MSP can see that report from a single pane of glass. They can see the link, the user that clicked on the link, and they can even see details about the phishing attack. What does the webpage look like? What kind of credentials is it targeting? Is it targeting social media credentials? Is it targeting Microsoft Windows credentials? Does it have multifactor phishing attached to it?”
In client discussions or QBRs, “You can show a report about what’s happened over the last month, the last year, who’s been clicking on what, and the value [you’ve] been adding there.”
Program Details
PIXM is pricing the new MSP program at $1 per user/per month, with unlimited devices. PIXM is also offering free not-for-resale (NFR) licenses so MSPs can protect their own teams.
PIXM’s technology partners include N-able, Identity Automation, Carahsoft, and ThreatER.
Cleveland says PIXM is not a replacement for an email-based anti-phishing solution or security awareness training. Rather, it’s an additional layer of security. “We have this saying that ‘clickers are going to click.’ The law of large numbers just aren’t on your side. As you get more clients and more users, they get tired, they work really long hours. People make mistakes. We all do it. Even folks inside the IT and security industries.”
