First Detections Explained

What happens when the alarm bells ring? Understanding the lifecycle of an alert from the browser to the dashboard.

Scenario: Phishing Email

An employee receives an email: "Urgent: Update your Payroll Details". They click the link. The website looks exactly like your HR portal, but it's hosted on a malicious domain.

1

Detection & Block

Before the website finishes loading, Tozetta analyzes the page structure. It detects a "Login" form and identifies the suspicious URL standard-hr-update.com.

⚠️ The page is immediately replaced with a Full Screen Warning. The user cannot enter their password.

2

Alert Transmission

Instantly, an End-to-End Encrypted signal is sent to the Arx Platform. Your security team receives an alert in the Dashboard.

CRITICAL: User John Doe visited High-Confidence Phishing Site
3

Investigation & Response

In the dashboard, you have full visibility into the incident:

Screenshot Evidence
See exactly what the user saw (safe image)
Technical Reasons
E.g., "Visual Similarity to Office 365"