Do your security controls work?
The Email Threat Simulator is a test product that can assist your business in validating the value of security investments and defending the choices taken while building a security operations plan.
Oct 7, 2022 2:50 pm
The problem: organizations spend lots of money on security controls. But are they working?
Use our Email Threat Simulator to get protected against email attacks, even ones that have never been seen before, as the cyber-threat landscape continues to get more sophisticated.
Create a threat model specific to your company.
The Email Threat Simulator is a patent pending test product that can assist your business in validating the value of security investments and defending the choices taken while building a security operations plan.
Email Threat Simulator (ETS) from Keepnet Labs defends against email attacks. One of the riskiest types of attacks that result in significant data breaches is target-oriented phishing attacks (also known as spear phishing). As stated by the researchers,91% of the violations were targeted by spear-phishing attacks.It takes an average of 146 days to detect a violation.An average of 82 days is required to prevent cybersecurity breaches.The overall average cost of data breaches is about $ 4 Million.Keepnet Labs sends real attacks to your secure email account to test whether these attack vectors reach your inbox.
Keepnet Labs Email Threat Simulator Workflow
Email Threat Simulator sends genuine attack vectors to your test email to evaluate your business email domain, then connects to the test mailbox to check the vulnerability status when you share the information and set up parameters for your test account.
Get Your Private Demo Session
Book a free 30-minute video call with our experts.
Awareness Training Modules
Unlike the other cyber threat simulation platforms, Keepnet Labs Email Threat Simulator offers some unique methods, which will convince individuals to use it:
It controls missing/incorrect configuration options, unlike other vulnerability scanning services. Systems that test active network devices by shifting traffic are insufficient, and Keepnet Labs’ real attack vectors exacerbate this deficiency. Its domain squatting features and integrated cyber intelligence services enable it to report on incursions.
Integration Options for Corporates Network
Full integration possibilities are available for businesses that have closed down services such as Pop3 and Imap to the outside world and provide web-based email access to their subscribers. In this case, integrating with the “Outlook Web Access” option is the best way to connect to the test email box.
Key Differences of Keepnet Labs Awareness Educator
Email Attack Vectors and Modules
It checks your email service for known vulnerabilities. It is compatible with automation scanning applications like Nessus and Nexpose, as well as third-party services like Mxtoolbox.
It includes attack vectors for Internet users.
Email attachments contain known malicious documents. These attachments have failed to be identified by antivirus tools and are intended to be detected by behavior analysis. It is compatible with the Metasploit tool and a variety of third-party services.
It includes samples that mimic recognized ransomware and its behaviors.
It examines missing or defective setups. It uses active scan options to examine known and frequently misconfigured configurations, and it also provides test scenarios to determine if you are adopting the best configuration options.
It contains emails containing known internet browser vulnerabilities. It occasionally includes a link or a misused piece of code.
File Formats Exploits
It works integrated with known file types (pdf, word, mp4, etc) with the Metasploit tool and various third-party services.
Sign up for Keepnet Labs ETS
Contact firstname.lastname@example.org to start your free trial.
Create a test account
For the service to function properly, a test email address and password are necessary. Because the delivery status of emails cannot be checked if you do not define a password, the actual risk may not be notified to you! See the technical documentation here .
Secure Configuration Suggestions
If your organization has concerns about creating a security risk with this test email address and password, you can make suggestions:
You can restrict the test email’s sending option. that shows you how you can configure it. By requesting the IP address of Keepnet Labs ETS servers, you can restrict access to these addresses.
Quick Scan Option
You may create your account definitions and begin browsing immediately. This option simulates attack vectors across all categories.
Advanced Scan Option
It is the scan option that you can customize settings and connect them to the schedule.
Interpretation of the Report Summary
Successful attacks are reported as “failed,” which is a problem that affects you and should be addressed. Attacks that fail are referred to as “passes.” This means you are not vulnerable to such assaults. The summary of the results is listed as follows.
Scorecards and Development Chart
Keepnet Labs Email Threat Simulator gives scores from A to F according to the results. The calculation of these points is as follows;
And the score tables point out the following:
Score: The score is calculated according to the average of Phishing, Vulnerability, and CTI (Cyber Threat Intelligence) scores. Phishing Score: The score you have calculated according to what you have received from the Keepnet Labs Phishing simulator. Vulnerability Score: The score is created based on the results of the weakness scan. CTI Score: The percentage of points awarded by the cyber intelligence services. The last 7 scan results provide visuals to report on your progress. You can see your progress based on Passed, Failed, and Unchecked output.
Getting Help with Keepnet Labs Email Threat Simulator
Please feel free to contact us with any questions you may have. email@example.com