This article has 460 words.

What is okKoala?

okKoala is a software for examining and improving the cybersecurity of email inboxes. It allows simulated phishing attacks on the inboxes of your organization’s employees.

okKoala is responsible for:

Client-side administrator:

Selected functionalities

1. automatic shipping

In okKoala, you can design an automatic mailing such as: “Once a month, as long as it’s Wednesday, send a campaign to 50% of employees, preferring the people who click the most often.”. This allows you to set up the system once, and automatic notifications of completed campaigns will remind you of the toll on users’ carelessness. Those who clicked were automatically transferred to mandatory training. So for information, see the guides on automation and training management.

2. Access management

The global administrator (the highest accesses) can delegate minor privileges for some users so that a person can see reports, but not edit data personal data of employees. A user can have access to several organizations and directories, and have different permissions in each. Among other things, this is how the principle of zero trust. You can read more in the Security tab.

3. Log storage

okKoala collects logs of user activity on its portals, as long as it is the result of activity on portals crafted to look like what real cybercriminals look and work like. However, it does not collect such information as personal data or passwords, but only notes that someone has entered their data on such a portal (they have entered a password, but information on what that password is okKoala does not collect).

4. Securing phishing portals.

The advantage of portals set up by Koala is that they are checked for security and administered. Installing off-the-shelf portals can end up sending real phishing, if one does not have certainty and guarantees about the code running in the browser.

How it works.

okKoala is a SaaS (Software-as-a-Service) built on matrix composition. This means that you don’t need to install anything - just access to a browser. You only need to configure the whole thing once to enforce the right policies, user workflows, etc.

In the guts of koala are services made available externally (e.g., user management), internally (e.g., scheduled shipping service). The common address domain for all services backend is

For administrators and users, the application layer is provided by the website, which connects to the backend, and the actual http query routing process directs traffic to the actual service.