Everything included in your deployment. No add-ons. No hidden modules.
Automated phishing campaign deployment with customizable email templates and credential capture landing pages. Human-cadence sending (90s–8min jitter per email) avoids detection by email security gateways. 300 emails/hour rate limiting per organization.
Real-time open, click, and submission tracking via unique per-target tokens. Enterprise bot filtering suppresses false positives from Proofpoint, Mimecast, Barracuda, and other email gateway link detonation systems.
Dynamic per-employee risk scoring (0–100 scale). Click penalties, submission penalties, report bonuses, and training recovery points. Department-level aggregation. Repeat offender identification. Historical trend tracking.
On-demand PDF reports with campaign metrics, training completion rates, posture scoring, and risk trend analysis. Export-ready for insurance brokers, board presentations, and compliance audits.
Employees who click phishing links are immediately shown what they missed. Template-specific red flag breakdowns. Training completion tracked and factored into risk scores. Completion rates included in executive reports.
Outlook add-in for employee phishing reporting. One-click report from inbox. Matches against active simulations. Correct reports are rewarded with risk score recovery. Deployed via M365 admin center.
Google & Microsoft SSO via OpenID Connect. TOTP MFA for administrators. Session-based auth with httpOnly cookies.
No credential storage. PII log masking. HMAC-signed webhooks. Multi-tenant data isolation. Immutable audit trail.
PIPEDA compliant. CASL express consent. Ontario jurisdiction. Authorized security testing under Criminal Code s.342.1.
15-minute scoping call. First campaign live within 24 hours.
Request Onboarding