Defend Your People,
Not Just Your Perimeter
Simulate real-world phishing, social engineering, and physical security threats. Test your human defenses before attackers do.
Created
Delivered
Clicks
Captured
Generated
Simulated attack lifecycle — from launch to insight
The human element remains the biggest vulnerability
of breaches involve the human element
Verizon DBIR
increase in vishing attacks
KnowBe4
of phishing emails are AI-generated
Industry Report
Identity Providers supported
Attack Vectors available
QR Destination Types
Integrates with
CyberAssistant Mission
Everything you need to test your human defenses
A comprehensive platform for simulating real-world security threats across every attack vector.
Attack Simulation
Realistic simulations across phishing, QR codes, USB drops, and more.
Phishing Simulation
Launch realistic phishing campaigns with customizable templates, tracked links, and real-time credential capture analytics.
ExploreUSB Drop Simulation
Deploy tracked USB drives and monitor when and where they're plugged in, with full device fingerprinting.
ExploreQR Code Phishing
Generate tracked QR codes across 8 destination types with full scan analytics including device, location, and browser data.
ExploreCalendar Invite Simulation
Send realistic calendar invitations with tracked links to test employee awareness of social engineering via scheduling.
ExploreAttachment Tracking
Embed invisible tracking pixels in Office documents to know exactly when and where sensitive files are opened.
ExploreCampaign Management
Orchestrate complex multi-phase campaigns with scheduled delivery and full analytics.
Campaign Orchestration
Design multi-phase attack campaigns combining phishing, QR codes, and USB drops with scheduled delivery and A/B testing.
ExploreEmail Templates
Build and manage reusable email templates with a visual editor, variable substitution, and tracked elements.
ExploreSending Profiles
Configure SMTP sending profiles with connection testing, SPF/DKIM guidance, and per-campaign assignment.
ExploreUser Intelligence
Deep visibility into your organization's human risk through identity integration and advanced analytics.
User Sync & SSO
Connect to Azure AD, Google Workspace, Okta, OneLogin, JumpCloud, and LDAP for automated user synchronization and single sign-on.
ExploreSegmentation & Groups
Create dynamic user segments with advanced filtering rules to target specific departments, roles, or risk profiles.
ExploreReporting & Analytics
Track campaign performance, user susceptibility trends, and organizational risk scores with interactive dashboards.
ExplorePlatform
Enterprise-grade infrastructure built for scale, customization, and compliance.
Multi-Tenant Architecture
Complete data isolation per organization with separate databases, custom domains, and independent configurations.
ExploreWhite-Label Branding
Customize logos, colors, email templates, and domain names to match your organization's brand identity.
ExploreOn-Premise Deployment
Deploy on your own infrastructure with Docker containers for complete control over data residency and compliance.
ExploreSimple, transparent pricing
Choose the plan that fits your organization. All plans include core security testing features.
Starter
For small teams getting started with security awareness
- Up to 100 users
- Phishing simulation
- Email templates
- Basic reporting
- QR code tracking
- Community support
Professional
For growing organizations with advanced security needs
- Up to 1,000 users
- Everything in Starter
- Campaign orchestration
- USB drop simulation
- Attachment tracking
- User sync & SSO (2 providers)
- Advanced analytics
- Priority support
Enterprise
For large organizations requiring full platform control
- Unlimited users
- Everything in Professional
- All 6 identity providers
- Custom domains
- White-label branding
- On-premise deployment
- Calendar invite simulation
- Dedicated account manager
- SLA guarantee
Compare all features
| Feature | Starter | Professional | Enterprise |
|---|---|---|---|
| Attack Vectors | |||
| Phishing simulation | |||
| QR code tracking | |||
| USB drop simulation | — | ||
| Attachment tracking | — | ||
| Calendar invite simulation | — | — | |
| Campaign | |||
| Email templates | |||
| Sending profiles | |||
| Campaign orchestration | — | ||
| Landing page builder | — | ||
| Users | |||
| User limit | 100 | 1,000 | Unlimited |
| Identity providers | — | 2 | All 6 |
| SSO (SAML / OIDC) | — | ||
| Segmentation & groups | |||
| Platform | |||
| Custom domains | — | — | |
| White-label branding | — | — | |
| On-premise deployment | — | — | |
| Advanced analytics | — | ||
| Support | |||
| Community support | |||
| Priority support | — | ||
| Dedicated account manager | — | — | |
| SLA guarantee | — | — | |
Frequently Asked Questions
What is CyberAssistant?
CyberAssistant is an enterprise security testing and awareness platform that simulates real-world cyber threats -- including phishing emails, QR code attacks, USB drops, and document-based exploits. It helps organizations identify vulnerabilities in their human security layer before real attackers can exploit them.
How does phishing simulation work?
You create realistic phishing campaigns using our template builder, target specific user segments, and launch simulated attacks. The platform tracks who opens emails, clicks links, and submits credentials -- giving you actionable data to measure security awareness and identify users who need additional training.
Which identity providers do you support?
CyberAssistant integrates with six major identity providers: Azure AD (Entra ID), Google Workspace, Okta, OneLogin, JumpCloud, and LDAP/Active Directory. User sync is automatic and supports both SAML 2.0 and OpenID Connect for single sign-on.
Is our data isolated from other organizations?
Absolutely. CyberAssistant uses a dedicated database per tenant architecture. Each organization gets its own isolated database instance, ensuring complete data separation. There is no shared data between tenants -- your users, campaigns, and results are entirely private.
Can we deploy on our own infrastructure?
Yes. Our Enterprise plan includes Docker-based on-premise deployment. The entire platform runs in containers, making it straightforward to deploy within your own data center or private cloud. This gives you full control over data residency and compliance requirements.
How long does setup take?
Most organizations are up and running within a day. Connect your identity provider, and users sync automatically. From there, you can create your first phishing campaign in minutes using pre-built templates or the drag-and-drop builder. No complex integrations or lengthy onboarding required.
Do you support custom branding?
Yes. Enterprise customers can fully white-label the platform with custom logos, favicons, email templates, and custom domains. Your employees interact with a branded experience that looks and feels like an internal tool -- increasing engagement and trust in your security awareness program.
What kind of reporting is available?
The platform provides interactive dashboards with campaign analytics, user susceptibility trends, device and browser tracking, and geographic data visualization on interactive maps. Export reports as CSV for integration with your existing SIEM or GRC tools.
What attack vectors does CyberAssistant support?
Beyond email phishing, the platform supports QR code phishing (8 destination types), USB drop simulation, document attachment tracking (Word, Excel, PowerPoint), calendar invite simulation, and customizable landing pages. This multi-vector approach tests your organization against the full spectrum of social engineering threats.
How is pricing structured?
We offer three tiers -- Starter, Professional, and Enterprise -- each with custom pricing based on your organization's size and requirements. All plans include core security testing features. Contact our sales team for a tailored quote and to discuss which plan best fits your needs.
Ready to test your defenses?
Discover where your human security layer is vulnerable before real attackers do.