Differences

This shows you the differences between two versions of the page.

--- security_considerations [2016/12/14 16:16] – lucy
+++ security_considerations [2021/12/13 14:25] – lucysecurity
@@ Line 1: / Line 1: @@
 We work hard in making LUCY a secure product. Here is a quick overview of the most important security topics:
-  * **Restricted network based access to LUCY**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=firewall_security_settings
+  * **Restricted network-based access to LUCY**: [[firewall_security_settings|Firewall]]
-  * **Secure the user access**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=password_policies_login_protection_strong_authentication
+  * **Secure the user access**: [[password_policies_login_protection_strong_authentication|Password Policy]]
-  * **Restrict the user access**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=user_management
+  * **2-Factor Authentication**: [[2-factor_authentication_2fa|2FA]]
-  * **Secure Setup of LUCY**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=setting_up_a_lucy_master_slave
+  * **Restrict the user access**: [[user_management|Administrative Users]]
-  * **Secure (and anonymous) storage of data**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=confidentiality_of_campaign_data
+  * **Secure Setup of LUCY in DMZ**: [[setting_up_a_lucy_master_slave|Master & Slave]]
-  * **Secure communication channels**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=ssl_configuration
+  * **Secure (and anonymous) storage of data**: [[confidentiality_of_campaign_data|Confidentiality of Data]]
-  * **Transparent network communication**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=network_communication_-_lucy_--_internet
+  * **Delete sensitive data:** [[deleting_sensitive_data|Data clean-up]]
-  * **Secure support**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=remote_ssh_support
+  * **Secure communication channels**: [[ssl_configuration|Trusted ADMIN Certificate Generation with LUCY]]
-  * **Updates of the application and OS**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=update_lucy
+  * **Transparent network communication**: [[network_communication_-_lucy_--_internet|Network Communication]]
-  * **Custom Admin URL creation**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=custom_admin_url_title
+  * **Secure support**: [[remote_ssh_support|SSH in LUCY]]
-  * **Ability to monitor all system activities**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=log_files_in_lucy
+  * **Updates of the application**: [[update_lucy|Lucy Update]]
-  * **Ability to monitor the system in real time**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=system_performance_monitoring
+  * **OS, Patches & Software**: [[technical_information|Technical Information]]
+  * **Custom Admin URL creation**: [[custom_admin_url_title|Admin Path]]
+  * **Ability to monitor all system activities**: [[log_files_in_lucy|System Logs]]
+  * **Ability to monitor the system in real-time**: [[system_performance_monitoring|System Monitoring]]
+  * **Data Security, Processes Privacy (GDPR)**: [[company_application_and_data_security|Company, Application, Data Security and Privacy]]
+  * **Ability to store key on HSM:** [[hsm_db_encryption|HSM Database encryption]]
+  * **Block access to campaigns based on IP-ranges and browser types**: [[filters|Filters]]
+  * **VPS Hardening info:** [[vps_hardening|VPS Hardening]]
+  * **Optional Web Application Firewall:** [[waf_suricata|WAF Suricata]]
+Additionally we perform regular external (anonymous) penetration tests according to the OWASP testing categories (https://www.owasp.org/). If you still should experience a security issue, please contact us under support@lucysecurity.com.