PhishRelay

PhishRelay is a web app with optional Slack/Teams add-ons that turns “I got a weird email” into a structured, trackable security workflow for SMBs. Employees can forward suspicious messages or click a button to report; the system automatically extracts headers, URLs, attachments, and sender infrastructure, then scores risk and suggests next steps. It creates a lightweight incident ticket, notifies the right owner, and guides containment actions like blocking domains, resetting credentials, and searching mailboxes for similar messages. The AI component drafts plain-English summaries for leadership and generates step-by-step remediation checklists, but it never auto-executes destructive actions without approval. It also maintains a simple phishing trend dashboard and a “repeat offender” list (users, vendors, domains) to prioritize training and controls. This is not a full SOC replacement; it’s a focused phishing-to-response pipeline SMBs can actually run.