Push Security, a leader in browser-based detection and response, has released its Phishing Detection Evasion Techniques Matrix at Black Hat 2025. This open-source framework maps sophisticated phishing techniques, helping security teams identify gaps in traditional defenses and strengthen identity-based security.
Push Security debuts Phishing Detection Evasion Techniques Matrix.
Maps real-world phishing TTPs, including MFA bypass and link camouflage.
Phishing caused 37% of breaches in 2025 Verizon DBIR, costing $4.76M per breach.
Open-source framework available on GitHub for security teams.
Showcased at Black Hat 2025, booth #2057.
Builds on Push Security’s earlier SaaS Attacks Matrix.
Phishing attacks have grown increasingly sophisticated, bypassing traditional email and network-based defenses. According to the 2025 Verizon Data Breach Investigations Report, phishing was the initial compromise in 37% of breaches, costing businesses approximately $4.76 million per incident due to compromised credentials, lost productivity, and response costs. Attackers now leverage alternative delivery methods like instant messaging platforms, social media, and malicious ads, while employing bot protection, obfuscation, and anti-analysis techniques to evade detection.
The Phishing Detection Evasion Techniques Matrix provides a comprehensive view of modern phishing tactics. “Handling phishing the same way we did 10 or 15 years ago just isn’t an option anymore,” said Jacques Louw, chief product officer at Push Security. “This resource gives defenders a clearer picture of how sophisticated attackers are actually operating in the wild — and how traditional security controls are being outmaneuvered.” The matrix maps tactics, techniques, and procedures (TTPs) across the phishing lifecycle, including target reconnaissance, lure crafting, link camouflage, anti-analysis, and MFA bypass, with real-world examples to guide security teams in testing and improving controls.
Building on Push Security’s SaaS Attacks Matrix, this framework supports organizations transitioning to identity-based security models. It is designed for operational use, enabling security teams to test phishing controls and address vulnerabilities. The matrix highlights how attackers exploit legitimate apps and services to camouflage phishing links, making it critical for enterprises to adapt their defenses to counter these evasive tactics.
The Phishing Detection Evasion Techniques Matrix is freely available on GitHub, with additional details on Push Security’s blog. Security professionals can explore the framework and discuss its applications with the Push Security team at Black Hat 2025, booth #2057. This release underscores Push Security’s commitment to equipping defenders with tools to combat evolving identity threats.
The Phishing Detection Evasion Techniques Matrix empowers organizations to stay ahead of sophisticated phishing attacks. By providing actionable insights into attacker tactics, Push Security helps security teams bolster their defenses and protect against costly breaches in an increasingly identity-driven threat landscape.
Push Security brings active security to the browser to stop identity attacks that result in account takeover — such as phishing, credential stuffing, session hijacking — and secures your entire identity perimeter. Push is the industry’s first identity security platform that uses a browser agent to monitor and defend workforce identities. Think of Push as being like EDR, but in the browser. Security teams use Push to map their identity attack surface, detect and respond to advanced identity attacks in real time, and proactively improve their overall identity security posture. Push was founded by former red team members skilled in offensive security and security operations and is backed by Decibel, GV (Google Ventures), Redpoint Ventures, Datadog Ventures, B3 Capital and other notable angel investors.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.