Phishing Impact Testing with NodeZero
What’s the true impact on your organization when an employee is phished?
Phishing is the most common type of cyberattack. Over 1.35 million unique phishing sites have been detected worldwide. In response to this pervasive threat, it’s likely your ITOps and SecOps teams conduct security training and in-house phishing tests to raise security awareness and see who is susceptible. It’s time to go a step further.
- Ensure that everyone in the organization understands the proven impact – not just the theoretical possibilities – of falling victim to a phishing scam.
- Understand what assets are most vulnerable so that you can better protect them.
- Efficiently evaluate systemic changes you can make to minimize your risks.
Integrate with Your Phishing Campaign App
The NodeZero Phishing Impact test is designed to supplement your simulated phishing tools, such as KnowBe4, Proofpoint, and in-house efforts.
Simply copy the NodeZero script into your phishing landing page. Then the credentials of the users who responded to the lure will appear in the supporting NodeZero internal pentest you’ve created to run for the duration of the campaign.
Reveal Critical Impacts from Phished Credentials
Once you have set up your Phishing Impact test to interoperate with your phishing simulation, NodeZero automatically captures the credentials of the simulated phishing attack victims and uses them to pentest your internal network. You can use the report from this test to assess the business risk of a successful phishing attack, and identify security controls that can be put in place to mitigate this risk.
NodeZero Captures the Phished Credentials
As users are phished during the course of your integrated phishing campaign, their credentials are entered into NodeZero. By default, the phishing script will tell the user their login is incorrect in an attempt to gain additional credentials. You can see the phished credentials as they are added to the NodeZero Phishing Impact test in RealTime View, both in the credentials list and in the notable events log, which gives you the timestamp for the addition of each credential.
The Phishing Impact test is conducted with Horizon3.ai’s secure methods that ensure cleartext credentials are not maintained outside of the test’s ephemeral infrastructure.
NodeZero begins testing the impact of a phished credential as soon as it is captured.
Here is a RealTime View showing how each phished credential is added to the NodeZero platform as a “Notable Event” with a timestamp. You can also see the running list of credentials being tested in the Credentials window on the right.
Easily understand how a phished credential impacts your environment and what an attacker can access.
- What type of data can the phisher access? Is it protected data? Crown jewels?
- Can the phisher gain admin access to hosts in your network?
- Can the phisher move laterally to cloud environments?
- Can the phisher elevate privileges and compromise other credentials?
What Could an Attacker Do with This Phished Credential?
Once a phished credential is added to the test, NodeZero uses it to probe your environment just as an attacker would. The resulting test helps you easily understand how each phished credential can impact your environment, including the data and domain privileges it can obtain.
Beyond Simulation: Proven Impacts
A core strength of NodeZero is that it shows you the proofs of weaknesses it exploited and their associated impacts. When NodeZero shows you how it was able to achieve domain compromise with a phished credential, you’ve moved beyond simulation, to demonstrated proof.
Test Your Access Policies, Test Your Responses
Not only does this NodeZero capability help users understand the potential gravity of being phished, it helps security teams assess their defenses. Learning that a phished intern could lead to domain compromise can inspire security teams to tighten their least privilege controls.
Prioritize and Identify Systemic Issues
As a result of a Phishing Impact test, your organization will be able to easily understand which weaknesses need to be addressed to better protect your organization. NodeZero prioritizes your organization’s weaknesses and groups systemic issues so that you can address them holistically.
What’s the true impact on your organization when an employee is phished?
You can now fully assess the impact of phished credentials on your organization. Tune in to this webinar to watch the NodeZero platform evaluate the blast radius of every phished credential as it comes in using the Phishing Impact test.