A1 Telekom, Adnoc, Autoriti Monetari Brunei Darussalam, David J Peck, Ethical Intruder, Frosta, Intuity, Principle Logic, Privasec, Sapphire, SEB, Siroop, Vaadata, VA Intertrading are official customers from LUCY Security

Meet 15 New Official Customers of LUCY

We are very happy that we can again officially name some customers! They come from all industries, not just from the information security corner.

 A1 Telekom, Adnoc, Autoriti Monetari Brunei Darussalam, David J Peck, Ethical Intruder, Frosta, Intuity, Principle Logic, Privasec, Sapphire, SEB, Siroop, Vaadata, VA Intertrading are official customers from LUCY Security

A1 Telekom, Telecommunication, Austria

A1 Telekom Austria is the leading communications provider in Austria with over 5.4 million mobile and 2.3 million fixed-network customers. The company operates its own networks and is a subsidiary of Telekom Austria, which is active in a total of eight Central and Eastern European countries. A1 employs over 8000 people in Austria.


Adnoc, Oil & Gas, United Arab Emirates (UAE)

The Abu Dhabi National Oil Company (formerly Adgas) is one of the world’s largest oil producers. Adnoc is a state-owned company with a 90 percent share of the nationwide oil and gas reserves of the United Arab Emirates.


Autoriti Monetari Brunei Darussalam, Banks – Finance, Sultanate of Brunei

The Central Bank of the Sultanate of Brunei is not the first such institution to count LUCY Security among its clients. But it is the first central bank we can call public J


FroSTA, Food Industry, Germany

In Germany, as in the whole German-speaking area, FROSTA is a household name. It is the only frozen food brand with the Purity Law. 100% real pleasure. No tricks. No secrets. For over 10 years FRoSTA has consistently dispensed with additives and the company promises the best taste only from the best ingredients. Some LUCY employees are FroSTA fans!


SEB, Banking, Sweden and Estonia, Latvia, Lithuania, Russia and Ukraine

Skandinaviska Enskilda Banken (SEB) is a universal bank with the claim to be the leading Nordic bank. It has subsidiaries in all countries bordering the Baltic Sea and the Ukraine. There is also a worldwide network of branches for corporate customer business. The financial institute was founded in the 1850s by Oscar Wallenberg.


Siroop, e-Commerce, Switzerland

Siroop is a leading electronic marketplace in Switzerland. Products from local, regional and national dealers are offered from a single source. At siroop you can buy everything, over 1 million products and over 500 Swiss dealers are available in the e-Shop.


VA Intertrading, Trade, Austria

VA Intertrading was founded in 1978 under the name Voest-Alpine Intertrading GmbH and is now an outstanding trading company and Austria’s leading trading house. In addition to trading activities, VA Intertrading offers services such as transport and logistics, futures and trade finance. The wide network of branches all over the world guarantees VA Intertrading customers optimal access to markets and manufacturers.


New official customers from the cyber security industry


David J Peck and Associates LLC, IT Security, USA

The Pennsylvania-based company specializes in penetration and security testing. The specialists of DJPA belong to the power users of the LUCY server and the company is one of the top addresses for independent security tests on the American East Coast.


Ethical Intruder Cyber Security, IT Security, USA

Ethical Intruder is a specialized security service provider with its own standard solutions and tailor-made services for the financial sector, retail trade, healthcare and medical technology. The company is based in Pittsburgh, the hometown of a LUCY competitor and we are very pleased that the well-known Ethical Intruder has nevertheless chosen LUCY!


Infiltration Labs, IT Security, USA

Infiltration Labs is committed to securing and testing our customers’ systems. Phishing assessments, social engineering, vulnerability assessments, training and other services are offered. The nationally operating company is based in Fort Lauderdale, Florida.


Intuity, IT Security, Italy

Intuity, based in Padova, offers IT security services around’Red Teams’ or’Blue Teams’. This also includes vulnerability assessments and penetration tests, which are necessary to carry out the “official evaluation of the robustness of IT process support infrastructures” known in Italy.


Principle Logic, IT Security USA

The company around the security expert and well-known book author Kevin Beaver offers various information security services. These also include “Website and Application Vulnerability Assessments” or “Internet of Things (IoT) Vulnerability Assessments and Penetration Testing”.


Privasec, IT Security, Australia

Privasec, the Australian information security company, has a national and international clientele. With offices in Sydney, Melbourne, Brisbane and Auckland (NZ), the company provides Cloud & Cyber Security services, including Compliance, Risk & Governance and Pentration Testing Services. Particularly worth mentioning are Privasec’s Health Checks and ISO27001 services.


Sapphire Security, IT Security, United Kingdom

Founded in 1996, Sapphire is one of the leading cyber defence companies in northern England and Scotland. The company has four offices in the UK and is one of only 42 companies in the UK that have achieved the level of certification to evaluate and certify the British “Cyber Essentials Programme”.


Vaadata, IT Security, France
The aim of French Vaadata from Lyon is to democratise cyber security with innovative services suitable for both start-ups and large companies. Vaadata’s values are based on our shared passion for hacking and the human factor. These are values that are very similar to those of LUCY Security. It’s a great Infosec company!



Robert Bosch uses LUCY for Phishing Simulations

Customer Story – Experiences with the use of the LUCY Phishing Awareness Training Server at Robert Bosch

An interview with Patrick Zeller, Senior Manager Enterprise Security, Robert Bosch LLC.

Robert Bosch uses LUCY for Phishing SimulationsMarch 2017 – “Bosch” is one of LUCY Security’s first major customers. Thanks to its support, the LUCY Phishing and Awareness Training Server was able to develop rapidly. At the beginning of the year 2017, we interviewed Mr. Zeller on the use and experiences with the products.

Mr. Zeller, how and to what extent does Robert Bosch use the LUCY server?

Patrick Zeller: We use Lucy to educate our employees around the world, on the dangers and risks of phishing and to raise awareness about this. Our employees are given the opportunity to gain experience on this topic, within a safe environment.

And since when is the product been used by Bosch? Can you tell us something about the volume of the already-conducted campaigns?

P.Z.: After an initial evaluation in autumn 2015, we have been using the LUCY Phishing Awareness Training Server since spring 2016. We have conducted various campaigns in more than 10 different languages, with up to 300,000 recipients. Also, since the end of 2016 we have been using the new function of “USB phishing”.

Can you now say something on the benefits of the phishing simulations; has the awareness against cyber risks actually increased among the employees?

We have not yet performed enough campaigns to have proving evidence, with regard to the “click-through rates”. We expect the first KPIs by the middle of the year. However, the feedback of our employees on the respective campaigns is very positive. What we can say with certainty is that we have noticed a significant increase in the notification rates / reports on phishing emails to our internal CERT, as a result of the phishing campaigns carried out so far. This indicates an increasing general awareness of our employees.

Do you remember the incidents; have there been fewer breaches, infections, or something similar?

These are internal data on which I unfortunately cannot comment on. However, since security have always been a top priority for Bosch, we have traditionally been very well positioned here. We see the topic “Security Awareness Phishing” as a complementary tool and measure in our IT security portfolio.

Thank you, Mr. Zeller. Let’s now get to the product itself: why did Robert Bosch GmbH opt for LUCY?

In addition to its excellent price / performance ratio, the decisive factor was the fact that we could completely run the LUCY Phishing Awareness Training Server in-house or on-premise. This is important to us, as it ensures that no sensitive data from our employees leaves the company. Overall, this equally helped us to obtain approval from our worker`s council, since we could convincingly demonstrate and ensure that no employees are monitored. LUCY gives us the flexibility to individually design campaigns and to execute them completely anonymously. It is our goal to train our employees and not to carry out performance checks on them!

And how were the experiences so far?

Overall, it is very positive; as such, we’ve decided to continue with the LUCY Phishing Awareness Training Server. We appreciate the close contact with LUCY’s developers, who can directly support us in case of problems and who are always open for new feature requests. With the version 2.x, we had some performance issues at the beginning, but since the version 3.0, the product has significantly matured and it runs reliably. Unfortunately, the report generator can only be used to a limited extent, because we have very specific requirements, which is due to the size and complexity of our organization. Fortunately however, we can solve this by exporting the results, which we then appropriately prepare for ourselves, through our database applications.

Can you tell us about your favorite features or templates and how are you satisfied with the product?

To be honest, we rarely used pre-made templates in the past. We have too much fun in implementing our own ideas. In general, LUCY’s flexibility is certainly a feature which we greatly appreciate. Also, the “Randomized Phishing” and the “Double Barrel Attacks[1]” are among our favorite features, since they are very efficient and easy to configure. Currently we are looking at the new Phishing Incident Plugin for Microsoft Outlook (Note: Phishing alert button). Overall I can say that LUCY is a very efficient tool for my team, for creating awareness amongst our employees and it meets all our requirements!

Thank you very much for this interview, Mr. Zeller.

[1] In a double barrel attack, the system first sends the user a lure email with a teaser text. The system then waits for some time, before the actual phishing email is sent to the user.

About the LUCY Phishing Awareness Training Server

The LUCY Phishing Awareness Training Server is used for the simulation of technical social engineering attacks and it is universally applicable from SMEs (Small Application Areas Phishing LUCY Server Robert Boschand Medium size Enterprises) right up to large customers. The product can locally be installed at the customer’s location; a cloud variant is also available. The Swiss solution provides dozens of preconfigured phishing templates and training modules, which can be independently used by the end user. Through the “Phishing Incident Plugin” for Microsoft Outlook, the user is opportune by his/her quick reception of an alert, in the event of an attack; this thus reduces the work put in by the security team in the analysis of the threat.

For further information please contact LUCY Security at +41 44 557 19 37 or at

Phishing Campaigns with hundred of thousands of users - Robert Bosch is a LUCY Customer

Phishing Campaigns with up to 300,000 recipients – Robert Bosch LLC is a LUCY Customer