Technology Assessment

WHAT HAPPENS IF AN EMPLOYEE FALLS FOR A REAL ATTACK?

You have invested time, effort, and money in defenses. However, employees may still execute a malicious file. How do you know your defenses will work? To reduce the risk from malware coming into your environment, you need safe and effective ways to test your systems. This is where LUCY’s Malware Simulation Toolkit (LHFC) comes in place. LHFC is an advanced malware simulation suite capable of emulating various threat simulations equivalent to many of the tools employed by hackers.

Main Questions answered by this plugin:

  • Does your AV detect known Malware downloads?
  • Is your SIEM able to trigger activities from this tool?
  • Is Malware able to modify System Settings?
  • Is Malware able to communicate to external servers?
  • Can Malware access sensitive data on the local host or your intranet?

HOW COULD MALWARE ENTER YOUR NETWORK?

The Email and Internet malware protection test checks whether the implemented security measures are sufficient to defend against an unstructured or structured malware attack via the e-mail infrastructure or internet infrastructure.

With our software you can check which file types could potentially enter the company and which are blocked by the security infrastructure. LUCY works with a wide range of file types that can be brought to the end system via e-mail or on a website for download. You can thus see whether potential malicious code, such as Java files, backdoors, scripts, embedded Office Objects are detected and blocked by the filter infrastructure.  Based on these results, you can then carry out targeted phishing campaigns.

Main Questions answered by this plugin:

  • How can malware potentially enter your network?
  • What type of file types can be send as attachments to the end user?
  • What type of file types can be downloaded from a website by the user?
  • Does your internet and mail protection software detect potential malware?
  • Does your internet and mail protection software detect obfuscated malware?