LUCY

User Tools

Site Tools

Trace:
security_considerations

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
security_considerations [2019/10/08 14:18] lucysecurity_considerations [2021/12/13 14:25] lucysecurity
Line 1: Line 1:
 We work hard in making LUCY a secure product. Here is a quick overview of the most important security topics: We work hard in making LUCY a secure product. Here is a quick overview of the most important security topics:
  
-  * **Restricted network based access to LUCY**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=firewall_security_settings +  * **Restricted network-based access to LUCY**: [[firewall_security_settings|Firewall]] 
-  * **Secure the user access**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=password_policies_login_protection_strong_authentication +  * **Secure the user access**: [[password_policies_login_protection_strong_authentication|Password Policy]] 
-  *** 2FA Authentication**: https://wiki.lucysecurity.com/doku.php?id=2-factor_authentication_2fa +  * **2-Factor Authentication**: [[2-factor_authentication_2fa|2FA]] 
-  * **SSO**: https://wiki.lucysecurity.com/doku.php?id=sso_authentication +  * **Restrict the user access**: [[user_management|Administrative Users]] 
-  * **Restrict the user access**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=user_management +  * **Secure Setup of LUCY in DMZ**: [[setting_up_a_lucy_master_slave|Master & Slave]] 
-  * **Secure Setup of LUCY in DMZ**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=setting_up_a_lucy_master_slave +  * **Secure (and anonymous) storage of data**: [[confidentiality_of_campaign_data|Confidentiality of Data]]   
-  * **Secure (and anonymous) storage of data**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=confidentiality_of_campaign_data   +  * **Delete sensitive data:** [[deleting_sensitive_data|Data clean-up]] 
-  * **Delete sensitive data:** https://wiki.lucysecurity.com/doku.php?id=deleting_sensitive_data +  * **Secure communication channels**: [[ssl_configuration|Trusted ADMIN Certificate Generation with LUCY]] 
-  * **Secure communication channels**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=ssl_configuration +  * **Transparent network communication**: [[network_communication_-_lucy_--_internet|Network Communication]] 
-  * **Transparent network communication**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=network_communication_-_lucy_--_internet  +  * **Secure support**: [[remote_ssh_support|SSH in LUCY]] 
-  * **Secure support**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=remote_ssh_support +  * **Updates of the application**: [[update_lucy|Lucy Update]] 
-  * **Updates of the application and OS**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=update_lucy +  * **OS, Patches & Software**: [[technical_information|Technical Information]] 
-  * **Custom Admin URL creation**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=custom_admin_url_title +  * **Custom Admin URL creation**: [[custom_admin_url_title|Admin Path]] 
-  * **Ability to monitor all system activities**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=log_files_in_lucy  +  * **Ability to monitor all system activities**: [[log_files_in_lucy|System Logs]] 
-  * **Ability to monitor the system in real time**: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=system_performance_monitoring +  * **Ability to monitor the system in real-time**: [[system_performance_monitoring|System Monitoring]] 
-  * **Data Security, Processes Privacy (GDPR)**: https://wiki.lucysecurity.com/doku.php?id=company_application_and_data_security+  * **Data Security, Processes Privacy (GDPR)**: [[company_application_and_data_security|Company, Application, Data Security and Privacy]] 
 +  * **Ability to store key on HSM:** [[hsm_db_encryption|HSM Database encryption]] 
 +  * **Block access to campaigns based on IP-ranges and browser types**: [[filters|Filters]] 
 +  * **VPS Hardening info:** [[vps_hardening|VPS Hardening]] 
 +  * **Optional Web Application Firewall:** [[waf_suricata|WAF Suricata]]
  
  
 Additionally we perform regular external (anonymous) penetration tests according to the OWASP testing categories (https://www.owasp.org/). If you still should experience a security issue, please contact us under support@lucysecurity.com. Additionally we perform regular external (anonymous) penetration tests according to the OWASP testing categories (https://www.owasp.org/). If you still should experience a security issue, please contact us under support@lucysecurity.com.
  
security_considerations.txt · Last modified: 2021/12/13 15:13 by lucysecurity