ThreatCop Webinar & Transcription
What’s going on, Sumolings? Another product walkthrough webinar. I am Lindsay, and today I am joined by the team over at ThreatCop. This is a cyber attack simulator and security awareness training tool that analyzes the real-time threat posture of an organization based on its members. It is on AppSumo right now, starting at sixty nine dollars for a lifetime deal. But before we dive into the tool, I just want to tell you a few quick things. The first thing is that if you want to tell us a little bit about your use case, why you’re interested in this tool, you can go ahead and do that in the chat room.
Also, if you just want to say hi to me, I love when you are saying hi to me. If you have any questions about the tools, the deal, how to get set up, go ahead and leave those questions in the Q&A box down below this video. And we will circle back to them at the end of the walkthrough. And the last thing is that there will be a replay of this available. So if you need to step out or if you just want to watch it again later, you totally can.
All right. That is enough for me. Hey, Potvin, how are you doing?
[00:01:09.240] – Potvin (ThreatCop)
I’m Greg Hardy. I’m doing all right, I’m going to pass this over to you for the walkthrough. Let me know when you’re ready to take questions afterwards. Some. Welcome again to our second billion on the first deal was was very impressive for us. We got a lot of feedback, we got a lot of customers, was giving us a different ideas about the products that are features which have been developed and the kinds of things that are that are not limited to just a product which is on a ship somewhere.
But there is a lot of feedback on for those products now become a bit of a good deal, which is that ThreatCop is one of the leading security awareness. So and it’s a very different story why we started ThreatCop. So basically when it was back in 2000 when my email account got hacked via phishing attacks, and that’s where I thought that, OK, I’m not the only one who will be suffering a loss because of this kind of attack, but there are multiple people out there will suffer the same loss because of these kind of attacks.
And the secret is that 90 percent of attacks which are happening is because of people. So either this is a human error or you have been attacked by the media, which is e-mail and the kinds of things which can come around. But it’s just a one attack. So if you if you just sitting around the whole things which are happening into the into the system is basically because of the people who are to know when to break it very quickly. And that’s how we built this entire tool.
So it’s kind of a virtual hacker for you. What you can do with this tool is you can simulate different kind of threat into your organization and check out what kind of risk you are right now for different aspects. So we come up with a different model by which you can attack what is a machine as the known as phishing, which is e-mail your ransomware. So basically what you are doing is you are trying to attack your own people to understand what kind of risk you are in not only this, but also what you are doing is Bettison that we give them exact idea, let’s say if you use.
I talked to them and then they click on the open that e-mail of their contact page and some of the details you get each and every tracking of these, how many people open those links are going to click on those links. How many actually got hacked. Not only this, but once the people got hacked they actually receive a personalized training content, which you can circulate. But that could be an instant awareness page where we highlight the issues. OK, this is what we did.
And this could could have could have been or would be a potential threat so far. But you missed or ignored by clicking on the link. So we do that by sort of a.. Or let’s say if you put a premium bill in by doing an upgrade inside International, you will also get to view the content by which you can use it. So it’s a security. Simulation and awareness student, so let me just go through the demo on how you can set up an account and actually the first thing that you need to do is you go to Page Byroade.
And The Observer team has done a great job on describing how this works and everything you get, everything is click on by and it’s done by the code. Just go to the redemption page, which is about that today is less and less whatever code that you have.
So once you go on this particular specific page, you can get a link like this, like this forever password idea and everything, and it’s done from the end. Now, once you do the sign up, you will receive this. This getting started as an onboarding form. The first thing that you need to do is you need to add and verify your domain and why it’s very important as like so let’s say if if you wanted to send an email to anyone, what do you need to do is to tell us that this is the actual organizing, that you are attacking me and you have some kind of ownership to that organization where you have something to those attacks, because these attacks can be used very easily to actually get the actual attack running so far on the systems, all the background checks by which these attacks has been done.
And we clearly identified it, something like this kind of stuff. But not going back to the desk once this domain is is a domain name, for example, that if you are working for a company like me, I am looking for Canticle. So I should be very, very democratic domain. I could go click on a domain, which is a critical dot com.
And click on it, lets you click on add, what you do is you need to verify it, just click on this text, then you get this site verification so you can verify Martinez. So if you do not have access to DNS, you can just upload a file, this particular file directly to the root domains or a root folder of a domain. And that’s how you will be able to check it out if you are an owner of this domain so that you will be able to attack on those people and understand what kind of risk they are right now.
So once it’s done, the next step to do is you can go to this central user. So now if you try to play the user directly without verifying a domain, you will not be able to do that. But if you already have very, very domain now you can put up imagery like this. That’s just a little bit of a test group. I need to put up an email derian. And just fill the details and that’s done from the outside, but what the users are uploaded, the next step you need to do is go back.
A campaign, so that’s very, very important step. So before creating a campaign, there’s one more step that you can choose or send it to the people is. So once you create a campaign template and when it’s a campaign ad campaign, it means a template which you want to tell people. So I’m going to say I just want to start a test campaign ad blitz and this could be an e-commerce attack. Let’s see. I want to do it in Arabic or or in Hindi, whatever you want it to go on to choose English for right now.
And I just choose the types of simulations. So the type of simulation, what it means that all these are for type of situation that we have what is only simulation attacks where you only send an email to test your user data, how much they are prepared they are to make sure that you are how much ready they are to to tackle the data which are actually happening inside their emails.
So there are tons of people who must be receiving this kind of phishing with our daily resources. And you need to understand that how many people are actually clicking on those links? How many people are getting hacked on a daily basis? I’ll tell you this. We did this kind of protection, one of the organization, the largest financial company here in India there. What we were able to do is very split. And there are 50 percent of people actually got hacked on that particular cell.
And that that means if this had been an attack, the loss because of this particular incident have been billions of dollars. So what you can do with this tool is you can test it out. How many people are actually vulnerable to these kinds of attacks and then train them accordingly? So now we’re going to create a somewhat the same kind of simulation of a template that we ask. So like I was I was explaining that what is so what is so is telling what is of an outstanding and what is gaming fight.
So simulation is only simulation where you do you just send an email which is a phishing email that clicks on it and take out hack. There’s nothing after that simulation training is a kind of template where you have an attack, then instantaneously you are to assign them up to the course. OK, so that’s a simulation to study the virus. And it’s only your understanding of the game if it is.
That you’re sending them a quiz gamification kind of model, but for have some users, you can only do so on attack only. But whenever you wanted to pretend that there was no problem to help out and that’s when you can do some additional tax planning or getting fined quizes. So the next step is to attack us now, like I mentioned, a different type of attack attacks, when we say the medium by which you want to test your employees toward pushing towards machine or machine, which is calling the attacks, like calling your friends, let’s say, what Autism Center people a text, how they respond to it, how quickly they are able to identify and how quickly you are able to resolve those issues.
So that’s what comes to the other type of directness. And you can see that by clicking on this. So we have of that, especially in Washington, cyber scams which are already available. OK, so I just go to the phishing section because it’s available and then phishing for the actual users. I just go ahead. The other part is investing. So what credential harvesting means that if you want to create this particular attack, do you wanted to capture the 80 percent of the user?
So, for example, let’s take an example. Do you want to simulate an attack saying, hey, look, this is sort of 65 template of like which is to direct them to click on the particular image. So you send them an e-mail saying this is a fake it’s a fake email that you sent to your employee and ask them to click on that particular page, which looks like a password change notification. So once they click on that particular particular take there where this would be landed and once they are on that page, so they put their ID and password on those pages or not.
That’s what an attack or a credential harvesting means. So what do you generally try to get as try to capture the data that has been submitted on the landing page, will also discuss this in detail and go to the next steps. So I just click on this. Now we can go next. Just say all 365.
Osvald. Singer Jangi. The first thing is this, let’s say this is this is the main subject that I’m just trying to cross to you are the people who receive the next thing they didn’t do so far, as you can just say. Let’s take a look here. We are told he a password. Or what you can do so far as you can also important e-mail. Something like this. So that is what I wanted to copy this e-mail and wanted to make sure that this email, this should be should be looked like, I will be able to use this template to send an attack by users I to click on this or this business contact here and click on say so.
The exact template will be copied and this template will be used to attack your employees or your. Customers in place so that people understand that how they’re responding to this kind of tax image, once I do that, I just go to click on Xed that I need to save. Now, you also want to highlight that you are those the people go on onto those links or the click on that particular template retreated over here, let’s say, on this link, which is a way to verify where this would be landed.
So that’s what we on landing page and you could get. Let me see if I could copy this page. I wanted to make sure that they are logging onto the megadeal page. What the click over there. So let’s do that and put it out. Now, what this tool that create exact place like I some which is done, and now you can also say that once the people click on that particular page or type some of the imagery and password, what do you want to capture it?
They only want to capture the user name or image. You want to want to look at your password and once the login page, they’re distributed. If you click on this witness, what it does is it actually automatically create a beautiful awareness page to highlight the issues that you should not click on this link. You click on this page, something like this, once it’s done, or if you want to give them a specific, you are in there.
Once they click on login, they should be it. So I can put it especially like this particular Google dot com right now. So just do that and click on Next. Now, the next step is and which is very important that from which imagery that you want to sign in. So let’s say I get it on my e-mail template, which looks like a dead cop and the language is like look like absolute. So let’s say Anderson and Nathan.
Somebody like Sumo. Nightclub. Verify e-mail. Because we are a fighter pilot and even put up any domain that you want to put in, let’s say, test email from the dot com. So what it means is that you will receive this email from your users at Target, who’s received an email from this particular lady, which contains this particular email template, and once the people click on this e-mail should be added to this login page. So let me just check if this so we could check to see if this this is working or not.
But there’s a catch here. And let’s tell you what it is. So let me see. Yeah, so they sent an email to me, but this email will not be going to the inbox. I’m not sure why it came in because. Yes, because I am sending it for my own IP address. Yes, because we have a slightly different model and I beat us. So let me just check it out. So I think that I haven’t received that email writing to me, the reason is why I haven’t received that because I haven’t whitelisted the IP addresses of the user.
So let’s say this is whitelisting is very much required record. And what it means is that you are allowing this particular sender to make an attack to your users. And it is a very beautiful articles available on our Help Desk, which is held in a various forum that if you wanted to go over and G Suite out, we will do that. You want to write this in order to survive or exchange how you do that. And if you still feel any problem is any problem, just let us know so that we will be able to help out in this scenario, if you like, is these these are the selling domains are sending IP address or whatever it is.
Once you do that, you will be able to send an email from this email address. The challenges is because we are spoofing a particular domain. That’s why it is not being delivered on in my inbox. So what you need to make sure is first of this apprentices, then click on S.A.M. that the email will be delivered to your inbox. So that’s a very important task that you need to do now that the next step is going next. Now, you have a template that you that you have everything and everything is done on conflict.
So this is one important part that it’s asked is that you want to share this, this or not. What it actually means is let’s say we have around 400 Kepner’s users who are actively using our platform. So if the users wanted to share their thoughts on this so that the other user can can use those templates, that’s where it comes in. So this is kind of a community feature by which users can empower other other users, use that template for their employees and see how they are responding.
So this is what it is. And I don’t want to say right now the template is explicitly created. Let me go back again so you can see that I have already created a template which which has a phishing attack. And it’s interesting and which is. Yes. So I can just go and to it entirely if I wanted to do that. And then some other thing that you can actually use in this particular section. Now, let’s go back to my dashboard.
So I’ve created a campaign template. I’ve created the users. I’ve added a domain, next is whitelisting. So this is what I I was previously mentioning. So what do you need to do is you have to make sure that your IP addresses from where you are sending an email is whitelisted and it’s very, very important. So that because we are doing an attack, this antivirus, as our friends family does filter out these attacks and produce spam or they do not let them reach into the inbox.
So what did you it really matter as you do this and you can get these information right into our Help Desk? I just want to play. Let me just go to my account. It’s already been set it up. I can go here. And click on. Let we just do that. So everything is ready, so I need to do is click on Create Campaign. So that is a very important part, as I did. You can put your own template or we have a store where you have hundreds of companies which you can utilize for your own ends.
So you don’t have to create a campaign template. You can use the existing system templates which are available on the system itself. Let me just show you these templates. So these are hundreds of templates which are available for the lady to remind you so you can utilize these templates, you can create your own if you want to. OK, let’s just go back so I just a capital test, then you select the user group, let’s say this, and now I need to choose between these three technicalities.
The system templates are the templates where which is being created by ThreatCop team. And like I was mentioning, that you have one index of that which you can choose from because these are the template that you created by yourself, like I did previously when I created the entire the landing page, the the profile and everything, the community template, the template where the other users have shared. And they have a very good experience with the template. They get it as in custom template, and then they share those numbers with the community so so that they can is going to use the system template.
And I going to click on this one. So now in e-commerce category, I have a one template I can choose eBay memory discount, let’s say this, this. So before I click on it, you know, or send it so you can just listen right now, this particular email or what you can do so far, you can also schedule that email so that they can go in a specific category. Apart from this, what else you can do so far is that you want to come again and again to create a template for your to do these and these attacks.
You can choose any capability which has more than five templates so that you will also have this random option where you can track the frequency to one time. DiClemente means these attacks will be politically return to your people on a monthly basis. On a weekly basis. Let’s say want to go for one year. So for years time these attacks will happen and you’ll see all these beautiful reported word. And how many people have got hacked, what is your first list?
How many people are clicking on those links, etc., etc.. So you get all this information back into dashboard so you can just type of difficulty. Once you click on say now, you’ll find out that you’ll see those campaigns running in. And this section, which is a that’s the I just read this campaign, which I ran for one time and one users said his click over here and see that how many people actually open those emails, how many e-mails will say, how many people open, how many clicked, how many actually submitted the data?
And very important part is how many people reported. So we also have a report, email feature that people can go and click on the report button so that you can also understand how many people are were already of it. Once you click on this, you will also get a much more text. I just realized as normal as a campaign, which is I’m not the government yet, but this is already being done. So that means you will be able to run this.
See how many e-mails I do send out of which, how many people open, how many how many people got hacked. Not only this, but you also will get to know that that’s a flaw in your template for for ten people out of fifty people, you will be able to understand it, how difficult it is for your people to get hacked these letters, send it out and attack for thirty minutes, or let’s say you send it right now and after how much time the first hack has happened, that’s really important that we really call it a peace time.
So that’s the average time it will take and hacker to actually hack into an organization or a hacker, a particular user from your organization. So that’s very precisely very important. And you need to make sure that this bestand goes very, very high and that’s how you can achieve it. It’s like you have to reschedule the campaigns again, again and see what kind of behavior your users have. And to brag that they will actually go to this dashboard and where you will get all the details, like I just created this account as I am just getting this zero percent.
But you will also get to know that how much risk you are right now from a people perspective means that let’s say if you send an email to one hundred users out of the how many users are likely to be I mean, the chances of your organization to be hacked? Absolutely no. The insurance my industry is risk is around four percent, let’s say, at the three percent. And this is a algorithm’s this is not exactly like that if you send out a hundred emails for people with that type.
But it’s a calculative number that we arrive on that. What is the current risk of your organization from phishing or any social engineering standpoint? So the industry’s standard is four percent because I have not run any any campaign yet. That’s why this call is zero percent. But it’s quite high. It’s sometimes stuck with your anywhere between 40 percent to 50 percent generally. But you will also be able to understand how many vulnerable employees you have, what are the risks and what are the countries from which you have a maximum link clicks?
Not only this, but this is the overall dashboard where you can see how many you did so far today, how many people click on those links, how many got hacked, what kind of campaign to do and how many attempted that you have created the custom that you created. So this is all from a dashboard site. Let us go to the some other features like these reports. So you looked at the entire campaign and collected about it business, high groups and etc, etc.
There are a lot of reports which are coming in. Because we have a schedule like this to is in response to about. Aggregate reports and the other parties is say, if you have, you are not the actual.
A user who uses this, you created a discount and then you let your technical guy or any other guy use this particular platform. So what you can do so far, you can create a different user policies and user rules and assign according to their the rule, you can assign them a particular task or or attention from this dashboard. From here, you can define a policy what kind of access that they should have, etc., etc.. The other part is obvious, which is very important.
And this idea is only available for the users which are which are taking more than three calls. So it is then again as or given to individual users. But give you an absolute idea how much vulnerable your employees are from there. Like I mentioned, I just couldn’t or I don’t have any record because no one has actually submitted or clicked on any phishing links. But once the people are able to do that, you can check the entire score or ability of the user who you are submitting a text to.
And this is one of my favorite. Let’s say if if you wanted to know that if ever you had this this to contribute, to invest, let’s say if you wanted to check that if your data is ever compromised in any of the attacks, you just go and check that they have a dummy ID, which I used to do is just like this.
So you could check that if you ever been hacked in any of the breaches, which is just out there in the public, so I might just e-mail account was compromised in this particular attack. And my password well, actually, this is out in the public means these are the breached databases which has been collected and with the help of our team at the backend. And also, we also get this data from a very, very esoteric intelligence platform.
So we collect this data to show the people that this is the particular platform that had been hacked previously. And if you’re using the same password which you are using, or else you should change it. There are some alerts for each other coming up. And then if you put it over, it will alert you that where you have been hacked on a real time basis as soon as we have that data into a database. So this particular data also contribute a significant amount in the event so that we build an actual external memory profile of a user so that you can track this on a daily basis.
So this tool eventually helps user or company owners, intrapreneurs or the people who are on the enterprise side to understand that. If I could also to hack, then what is the time that it will take him to hack it? And the best way for him to hack it? So in a hacking, it’s a very famous code that if you know, how do you know how to secure it? So that’s how on this particular level, this entire tool works.
So that’s that’s all from my side. I’m I’m happy to take questions. All right, Sumolings, if you have any questions that you want to drop in the Q&A box, now is your chance. I know Sumolings are always curious about roadmaps. So what can you tell us about that? So we have an open road map, so you just go to Henderson, come and look just. Well. So you can find out more directly on our website.
Just check, I must go. So we have a schedule calendar means what you will be able to do as you will be able to schedule your text. So what is it you can do a random attacks or what you can do is you can create a custom profiles of various attacks that you wanted to schedule an entire year with the custom profiles or custom e-mail campaign templates. You can do that. That’s very important. But the other it is gamification, which is is not a part of something like this, but we are building it up.
What it does is the education is a module where you actually use this particular thing to train your user effectively. So basically your users click on the links, go back into the end to the next step to check how much they are aware on on that simulation or on the text on on a daily basis, actively on on the scenarios, the global phishing and dismissing the assumption that phishing is only available for some specific country like us, India, Canada and all these.
But we are to make sure that we are we have a plan for launching 132 plus countries, others in creation at the backend. We do it manually, but we have our own elements, which is which is levels message. We are planning to do it, but also that you will be able to deliver the training modules very effectively to your users. Apart from this, there are the times something that has already in pipeline, like I mentioned, are different or various reports like hack records.
Your incident response will be standard words, etc, etc..
[00:32:58.150] – Lindsay (AppSumo)
Wonderful. Thank you. All right, we got just one more question here on the URL that is cloned when the link is clicked from a phishing email. Is there any masking going on? If not, what domain is showing in the URL? Oh, thank you so much for that detailed questions, what what we have is a there’s a with which happened to say I have created a template. Let me just do that. Go back to the Mekong.
[00:33:25.470] – Potvin (ThreatCop)
I have created this particular template that we just added this. Go back. So here it is. So this is the particular URL so you can put up any that you want to put in here without any problem and actually came to see me with this particular view on it. That means you can mask any URL that you want to do. So you can put up like AppSumo or so. You can just let’s say I can just put this.
Dot com, and it will look like AppSumo’s page, so you can mask it very beautifully. It’s very easy. The only thing that you need to do is to create a senior military for this particular liberal, but with a rural outside. Awesome. All right. And those are all of the questions that we have here, Sumolings, if you have any more questions, now is your moment to go ahead and put them in the Q&A box.
[00:34:25.690] – Lindsay (AppSumo)
I’m going to stall for just a second longer before I go ahead and wrap things up here. If you haven’t already, Sumolings, you can go to AppSumo dot com slash ThreatCop to redeem your codes. This is starting at sixty nine dollars for a lifetime deal. Of course, that is backed by AppSumo’s 60 day guarantee. So you can go ahead, get set up, play around with it and see how it works for you. Once you’ve done that, you can go ahead and leave your reviews on the deal page.
We do love to read them. And of course, if you have any more questions, we don’t have any more here today. So if you have any more questions, you can go ahead and throw those on the deal page as well. Thank you so much for hanging out with us. It’s been a great time. Thank you for walking us through.
[00:35:12.910] – Potvin (ThreatCop)
Thank you. Thank you so much. Have a good one or.