Employees are the last line of defense. This is why education, the testing of know-how and the active involvement of employees in your cyber defense are essential components of your IT Strategy. LUCY is SOFTWARE that allows companies to take on the role of an attacker and uncover and close weaknesses in both the technical infrastructure and the staff.
LUCY Multitenant Server can be downloaded and run on-premise within your intranet so that no data is transmitted outside of your organization. As an alternative, it can be used as a cloud-based solution with restricted access for only your staff.
How to test people and educate them?
IT-security awareness training, people testing and education – LUCY Phishing Software makes phishing simulations and IT-security awareness trainings easy! It is the best solution to maintain vigilance against malware attacks and educate your organization to recognize cyber threats.
Everything is a campaign based on a scenario – And its easy! You can choose out of 200 different best-practice templates when you create a campaign and adapt it to your own specific needs. There are all types of scenario templates available: Phishing (hyperlink, file/download, mobile storage device and even SMiShing), awareness training or technical malware templates (see below).
Mixed and custom campaigns – Of course, you can mix your campaign with different scenarios and send different templates to different recipients. If you do not want to use templates you launch entirely custom-built phishing simulations.
Designed for non-technical persons – Input for best-run phishing simulations often comes from the business side of an organization rather than from its IT department. That is why one of the key benefits of LUCY is the potential for campaigns and simulations to be managed by users who are not technically-trained individuals. You do not need to go to a “hacking school” to operate LUCY!
Educate your people and improve their cyber threat knowledge with predefined learning content or add your own training content.
Report, analyze, learn and improve your future simulations – Detailed state-of-the-art reporting generally fits the needs of risk management and GRC officers, or other stakeholders. LUCY’s integrated dashboard and in-depth statistics provide the data necessary for IT-security specialists to analyze past campaigns or improve future ones. The integrated campaign comparison and trend analytics functionality facilitate this work, especially for larger organizations. Key facts:
- Real time monitoring: emails opened; link clicks; successful attacks; recipient’s operating system; recipient’s browser & plugins; plugin & browser vulnerabilities; mail plugin results; training stats; quiz results; file downloads and file execution or any data gathered by the malware simulations.
- Reputation-based end user profiles
- Monitor attack statistics and eLearning progress
- Export data (CSV, API, PDF, HTML, DOCX)
Rerun and become safer! – Cyber threats and IT-security risks are real. Having a campaign-based view does not lead to a well-prepared workforce or a vigilant organization. Simulations and campaigns need to be run on an ongoing basis. LUCY allows you to run campaigns the whole year round!
What is LUCY’s Technology Assessment?
It’s infrastructure testing: You can run customized client vulnerability detection routines. They check out the posture of browsers installed in the organization; it checks if there are any hooks, which can be used by attackers, and determines to what degree they could be exploited. Results are shown in the campaign reporting.
Our second technology assessment method uses LUCY’s Malware Simulation Module. After a successful infection, it starts with the client and goes through a long list of client configuration items to determine if they are set correctly. But you also can start the program manually without a phishing simulation campaign to directly determine if there are any flaws in your IT infrastructure.
In addition to the methods mentioned above, LUCY provides safe and harmless tools for manual technology assessments executed by senior assessors.