This article has 460 words.
What is okKoala?
okKoala is a software for examining and improving the cybersecurity of email inboxes. It allows simulated phishing attacks on the inboxes of your organization’s employees.
okKoala is responsible for:
- maintenance of outboxes.
- collecting information on the success of attacks
- preparing reports
- providing training for employees
- portals and domains to redirect clickers.
- providing email templates
- maintenance of the mailing automation system
- necessary backups, security and maintenance of systems.
- issuing certificates of completion of the quiz.
Client-side administrator:
- plans a continuous security maintenance strategy
- automates shipping
- introduces users (links to domain).
Selected functionalities
1. automatic shipping
In okKoala, you can design an automatic mailing such as: “Once a month, as long as it’s Wednesday, send a campaign to 50% of employees, preferring the people who click the most often.”. This allows you to set up the system once, and automatic notifications of completed campaigns will remind you of the toll on users’ carelessness. Those who clicked were automatically transferred to mandatory training. So for information, see the guides on automation and training management.
2. Access management
The global administrator (the highest accesses) can delegate minor privileges for some users so that a person can see reports, but not edit data personal data of employees. A user can have access to several organizations and directories, and have different permissions in each. Among other things, this is how the principle of zero trust. You can read more in the Security tab.
3. Log storage
okKoala collects logs of user activity on its portals, as long as it is the result of activity on portals crafted to look like what real cybercriminals look and work like. However, it does not collect such information as personal data or passwords, but only notes that someone has entered their data on such a portal (they have entered a password, but information on what that password is okKoala does not collect).
4. Securing phishing portals.
The advantage of portals set up by Koala is that they are checked for security and administered. Installing off-the-shelf portals can end up sending real phishing, if one does not have certainty and guarantees about the code running in the browser.
How it works.
okKoala is a SaaS (Software-as-a-Service) built on matrix composition. This means that you don’t need to install anything - just access to a browser. You only need to configure the whole thing once to enforce the right policies, user workflows, etc.
In the guts of koala are services made available externally (e.g., user management), internally (e.g., scheduled shipping service). The common address domain for all services backend is https://api.okkoala.com.
For administrators and users, the application layer is provided by the https://okkoala.com website, which connects to the backend, and the actual http query routing process directs traffic to the actual service.