Run Malware Tests & Simulations on your Companies Infrastructure
Through a phishing simulation, you find out that some of your employees activate macros in Word documents. But what harm could a real attacker do with such a macro? Are there any other file types that an attacker could deliver to your employees? These and other questions will be answered in the technical tests. The e-mail and internet malware filter test gives you an insight on how your mail server and web proxy handle different variations of potentially dangerous file types. You can thus see whether potential malicious code, such as java files, backdoors, scripts, embedded office objects, etc. are detected and blocked by the infrastructure. Based on these results, you can then carry out targeted phishing campaigns or close discovered gaps.
To reduce the risk from malware in your environment, you also need safe and effective ways to test your systems. This is where LUCY’s Malware Simulation Toolkit (LHFC) comes into play. LHFC is an advanced malware simulation suite capable of emulating various threat simulations equivalent to many of the tools employed by hackers. The local windows test (LHFC) will let you know if your defences work in case an employee executes a malicious file.
1
Malware Testing Toolkit
The Malware Simulation Toolkit is an advanced malware simulation suite capable of emulating various threats. It allows an auditor to access an advanced set of features equivalent to many of the tools employed by cyber criminals. The tool, therefore, allows the LUCY administrator to perform security checks without involving employees outside the IT department.
2
Mail and Web Filter Test
This functionality provides the answer to one of the most important questions in securing Internet and mail traffic: Which file types can be downloaded from the Web, and which e-mail attachments are filtered out or not?
3
Active and Passive Client Vulnerability Detection
This feature allows local testing of the client browser and detection of possible vulnerabilities based on custom JavaScript libraries and the browser’s user agent data. The discovered plugins can be automatically compared with the vulnerability databases (CVE) to identify vulnerable devices.
4
Spoofing Test
Test your own infrastructure for mail spoofing vulnerabilities.
LET US SUPPORT YOU IN THE ANALYSIS OF YOUR INFRASTRUCTURE
Interpreting highly technical tests requires a profound expertise in IT security and the know-how of the involved products. It is often possible to improve security by optimizing certain settings (e.g., within the GPO’s, on the web proxy, etc.). Our security consultants will be happy to support you in the planning and execution of technical tests. With over 20 years of experience in penetration testing and consulting, we guarantee a profound analysis.
- Security assessments and penetration tests:
Our team has been supporting clients in the area of ethical hacking for over 20 years. Benefit from our experience and let us carry out a security analysis for you. Want to know more? … - Mail and web filter test: Interested in finding out what type of malware can slide through your perimeter? Want to test the security configuration of your mail and web proxy? Book a mail and web filter test with our security consultants. Want to know more? …
- Local security test: What is the effective risk if an employee executes a dangerous file type? How well does technical protection work to prevent data leakage? Want to know more? …
- Analysis of attack potential: Which sensitive employee information can be viewed on the Internet? What do employees communicate via their company e-mail address when on the Internet? Want to know more? …
- Darknet analysis: We search the Darknet for existing data leaks and thus show a comprehensive risk picture, which does not only include the inside view. Want to know more? …