security_considerations
This is an old revision of the document!
We work hard in making LUCY a secure product. Here is a quick overview of the most important security topics:
- Restricted network based access to LUCY: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=firewall_security_settings
- Restrict the user access: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=user_management
- Secure Setup of LUCY: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=setting_up_a_lucy_master_slave
- Secure (and anonymous) storage of data: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=confidentiality_of_campaign_data
- Secure communication channels: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=ssl_configuration
- Transparent network communication: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=network_communication_-_lucy_--_internet
- Updates of the application and OS: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=update_lucy
- Custom Admin URL creation: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=custom_admin_url_title
- Ability to monitor all system activities: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=log_files_in_lucy
- Ability to monitor the system in real time: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=system_performance_monitoring
- Data Security, Processes Privacy (GDPR): https://wiki.lucysecurity.com/doku.php?id=company_application_and_data_security
Additionally we perform regular external (anonymous) penetration tests according to the OWASP testing categories (https://www.owasp.org/). If you still should experience a security issue, please contact us under support@lucysecurity.com.
security_considerations.1550230703.txt.gz · Last modified: 2019/07/25 12:50 (external edit)