LUCY

This is an old revision of the document!

---

We work hard in making LUCY a secure product. Here is a quick overview of the most important security topics:

• Restricted network based access to LUCY: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=firewall_security_settings
• Secure the user access: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=password_policies_login_protection_strong_authentication
• Restrict the user access: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=user_management
• Secure Setup of LUCY: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=setting_up_a_lucy_master_slave
• Secure (and anonymous) storage of data: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=confidentiality_of_campaign_data
• Secure communication channels: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=ssl_configuration
• Transparent network communication: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=network_communication_-_lucy_--_internet
• Secure support: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=remote_ssh_support
• Updates of the application and OS: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=update_lucy
• Custom Admin URL creation: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=custom_admin_url_title
• Ability to monitor all system activities: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=log_files_in_lucy
• Ability to monitor the system in real time: http://phishing-server.com/PS/doc/dokuwiki/doku.php?id=system_performance_monitoring
• Data Security, Processes Privacy (GDPR): https://wiki.lucysecurity.com/doku.php?id=company_application_and_data_security

Additionally we perform regular external (anonymous) penetration tests according to the OWASP testing categories (https://www.owasp.org/). If you still should experience a security issue, please contact us under support@lucysecurity.com.