For many years, one of the most effective attack vector against organization is the attack on the employee as the weakest link in the chain. Phishing campaigns, involving the use of social engineering, are nowadays the basic tool for cybercriminals.
APT BAIT is a platform, created by polish ITC security specialists; polish product, developed entirely by Immunity Systems - a highly specialized company focused on security services. The main asset of Immunity Systems is the team of experts with over ten years of experience in offensive and defensive IT security, including system implementation and verification of security levels of implemented systems. As a natural goal of company’s development, APT BAIT platform was created. Besides the implementation (as SaaS mode, managed services or on-premise deployment), Immunity Systems provides constant updating of software and new, constantly developed phishing scenarios..
The APT BAIT platform has been successfully implemented for many companies in Poland, mostly financial sector institutions. Scalability of the solution due to the number of users allows an easy extension based on product license. In addition as a manufacturer, we are glad that the client can choose the implementation method of APT BAIT platform: SaaS model (cloud based), managed services, based on the cloud model and as a last possibility – on-premise deployment, based on client’s infrastructure with no cloud connectivity.
APT BAIT is a tool used to carry out phishing attacks and collect information about their effectiveness - its task is to analyze the level of employee IT security awareness. Each campaign consists of one or more scenarios, each scenario in turn realizes and measures many goals, e.g.:
Campaign management is carried out through a responsive, modern and user-friendly web interface, operating on both desktop browsers and mobile devices. APT BAIT additionally has a basic offensive module, allowing the campaign recipients to be infected with malware simulation software (MS Windows systems), providing the functionality of launching basic commands on compromised workstations (downloading a screenshot, browsing files). The aim of these tasks is to analyze the employees IT security awareness, as well as the reaction of the company's employees on the IT security incident response and handling. The analysis may also include the effectiveness of IT systems that should stop or detect this type of attacks (IPS devices, IDS, NGFirewall).
monitor employees' awareness in order to effectively manage the IT security trainings
to sensitize employees to current techniques used by cybercriminals
strengthen the protection of your organization by strengthening the weakest link (human being)
build awareness of cyber threats among employees, which is one of the most important elements of any IT security management plan in the company
For many years, one of the most effective attack vector against organization is the attack on the employee as the weakest link in the chain. Phishing campaigns, involving the use of social engineering, are nowadays the basic tool for cybercriminals, persuading users to click a malicious link or launch a dangerous attachment, providing unauthorized access to critical company resources. This type of threats cannot be defeated even by the best IT systems. This is the place where APT BAIT takes the control.