I'm Vivek, founder of DefenceNet (by Datacove).
Over the past year, we've been working on a real-time phishing detection system designed to protect users from malicious links delivered through SMS, email, QR codes, and browsers.
Most existing phishing protection relies on blacklists or delayed threat intelligence feeds. In practice, attackers generate new domains faster than these systems can respond.
We wanted to solve this differently.
Our system analyzes URLs in real time before users interact with them, identifying signals like domain patterns, redirect chains, infrastructure characteristics, and behavioral indicators.
A few engineering challenges we faced:
• keeping detection latency under 50ms
• minimizing false positives
• handling large volumes of unseen domains
• building cross-platform protection (mobile, browser, email)
We've deployed early versions and observed that a large percentage of phishing domains are active for only a few hours before disappearing, which makes static protection ineffective.
We’d love feedback from the HN community — especially from engineers working on security, browsers, or infrastructure.
Happy to answer any technical questions.