Pixm is a serverless, multi-tenant, artificial intelligence based product providing real time phishing threat detection capabilities while browsing the web, for both individual and enterprise customers. Enterprise customers can sign up their organization and provision a separate environment for themself. Pixm platform is designed to rapidly identify visual branding as it appears on unauthorized login domains.
Phishing and related social engineering threats cost the private sector over $5–11B every year. Pixm is an advanced technology solution to this pressing issue that is designed to make web impersonation obsolete.
Numino Labs has taken Pixm from idea to enterprise-level in 18 months. Pixm is a large, multi-tenant enterprise software system designed to operate in a corporate environment such as business or government. Pixm is complex, scalable, component-based and distributed. Pixm is natively cloud supported, built using serverless technologies providing infinite scalability out of the box. Pixm is continuously evolving and adding new features, and supports all major browsers like Chrome, Edge and Firefox.
Numino Lab’s high-performance team of Product Delivery engineers, Product Delivery Leads, Product Architects and Delivery Owners are capable of working with CxO’s of any aspiring software enterprise. We also leverage our partner’s network to meet clients' one-off demands like UI-UX review etc.
Pixm Architecture leverages heavily, Azure and Google Cloud provider services for its deployment. Each tenant in Pixm has their own databases in Azure SQL Elastic DB Pool for storing all generated threat feeds by the user’s Pixm browser extension. The data is ingested from Extension side and consumed from Frontend.
The browser extension can be installed from chrome, firefox and edge web store directly or using GPO deployment through MSI for enterprise customers. Upon installation the extension registers with the backend to uniquely identify itself for all consequent calls. On the backend side all the calls are first received by the Application Gateway and then routed to its respective services for further processing.
The live threat detection takes place when the extension user visits a page with login controls, during which the page details are collected along with a screenshot and sent to backend VMSS (Virtual Machine Scale Set - Azure service with auto scaling capabilities) via gateway. The VMSS uses GPU machines for doing visual detection of trained brands using a proprietary machine learning algorithm to say if the page is phishing or not. All the collected page info is fed via a Service Bus Queue to be then persisted in SQL Server customer databases.
Pixm also provides a multi-tenant portal front end application to enterprise users for managing various aspects of this anti-phishing product like threat, configuration, user and license management. This is built on React framework and Google Cloud Identity Platform is used as an authentication server which allows us to do a high degree of customization in authentication flow for our needs. Front-end deployment uses Azure CDN with Front Door. Front Door is an Azure service which allows us to use wildcard subdomains dynamically for each newly onboarded customer. When the Customer admins login to the portal using his subdomain they are able to see the threat feed time series data on their main dashboard.
All the services are running in a severless manner as Azure FaaS. The cloud provider handles the scalability and maintainability of the service containers and is billed based on consumption basis.
Phishing Detection Warning Page
Organization Management Dashboard
Threat Activity Dashboard