As an auditing firm/security firm, your company is in a position to help clients maintain an adequate control environment. Your client’s stakeholders, such as customers, regulators and shareholders, expect it and your client also needs to protect their trade secrets and other business information. In addition, a data breach could be expensive, and negatively affect their reputation.
With access to PhishingBox, your company can conduct phishing simulations as an effective way to test client employees’ security awareness and susceptibility to social engineering tactics. By focusing on phishing, your firm can meet a significant need while using a highly automated method. Our system provides your company with an easy-to-use solution for conducting social engineering testing via phishing. Some key features of the system includes, but are not limited to, the following.
PhishingBox was designed with audit and security firms in mind. The system allows an audit or security firm to test multiple companies, or clients, within one account. From a single interface, you can configure and manage the testing for many different clients. This ability saves audit and security companies time and makes client management easier.
PhishingBox is simple to use. The intuitive menus and step-by-step guides limit training time and allows non-experts to use the system, allowing senior personnel to focus on more complex tasks. At the same time, the system provides access to advance features for customization and modification.
The system was designed to walk a user through setting up and running a test, minimizing training needs and saving time. The workflow also includes an automated process for client approval. With this process built-in, the is no need to document a client’s approval outside of the system. This approval process also minimizes the potential for employees to test non-clients or conduct unauthorized tests.
We provide flexible pricing options to fit your organization’s needs. For multi-client accounts, you purchase a pool of “targets” that are then available for testing. From this pool of targets, you can then test different clients. The license is not tied to a domain, but to the number of targets in your account. Contact Us to discuss your specific needs.
PhishingBox is hosted within a secure data center. Your firm’s users can access PhishingBox via a standard web browser. With PhishingBox, there is no need to carry laptops with testing software, or wondering who has the data for the report. Users can log in and see the tests that are scheduled, running, or completed.
Tests can be scheduled to run at anytime in the future. This feature allows you to schedule several tests at one time, with the test running at various times in the future. Each test can be configured with different timezones, which is useful when the client or target is in a different timezone from the person scheduling the test. Once a test is configured and approved by the client, it will run at the scheduled time.
There are many benefits for an audit or security firm to add social engineering testing via phishing to its scope of services. These benefits include, but are not limited to, the following:
We understand that there needs to be benefits to your clients. Such benefits will include, but are not limited to, the following: