Additional Info

CompanyLucy Security
Company size (employees)10 to 49
Type of solutionCloud/SaaS


97% of successful hacks involve social engineering, and over 90% are initiated by email. The ongoing training of staff to be security-aware is one of the most important investments a company can make to protect itself from data breaches.

LUCY uniquely allows companies to take on the role of an “attacker” through customizable phishing simulations so that they can discover and eliminate weaknesses in both their staff as well as their technical infrastructure. LUCY’s extensive cybersecurity training program includes more than 250 multilingual training modules, including phishing and malware simulations, awareness trainings and technical vulnerability tests.

LUCY’s real-world, simulated phishing attacks are constantly updated to expose people to the changing techniques used by hackers. They range from simple hyperlink emails to sophisticated ransomware attacks, portable media attacks, SMS attacks, BEC/CEO attacks; credential-harvesting attacks, USB attacks, malware and spyware simulations and more.

LUCY also has hundreds of multi-lingual training, film and html animated videos, quizzes, posters, games and tests, with advanced reporting to track and provide detailed analysis on every end-user’s performance over time. With an email reporting button that integrates into Outlook, Exchange, Office 365 and G-Suite email, LUCY quarantines and analyzes suspected phishing emails when they are reported.

In addition, LUCY’s unique Technical Malware and Mail/Web Tests provide an exceptional map of your technical infrastructure vulnerabilities that hackers can exploit. When a staff member falls for a simulated attack, we should ask “what would happen if that was a real attack?” IT security teams can use LUCY’s Low Hanging Fruit Collector to run hundreds of system tests and discover the answer.

According to a large international customer, the effectiveness of LUCY’s campaign toolbox, particularly the phishing button and phishing e-learning, led to a drastic decrease in their “victim rate” from 30% in 2017 to less than 9% in 2019.

How we are different

• Founded in 2015, and with just 30 employees, LUCY has transformed the real-world ethical hacking experience of its founder into a comprehensive security training solution that combines more than 250 customizable phishing and malware simulation modules with real-world infrastructure testing, giving a company’s IT security staff a 360o view of its security vulnerabilities. To date, more than 9 million users have been trained in 9000 installations worldwide

• LUCY’s unique approach to cybersecurity training allows companies to identify gaps in their security and resolve them in these 5 steps 1) test your employees using customized, simulated phishing attacks based on the constantly changing tactics that hackers use 2) test the company’s network infrastructure with malware simulations to identify vulnerabilities if/when a phishing attack is successful 3)train employees based on their weaknesses identified by the testing and their response to specific use cases 4)measure and analyze employee progress through comprehensive Phishing Threat reporting and 5)engage and inspire your employees to become a “human firewall” through fun and relevant training programs and easy “one-click” threat reporting

• LUCY is committed to helping every company provide its employees with world class security training. Towards that goal, LUCY offers the industry’s most flexible training solution – fully customizable simulations that can be deployed on-premise, in the cloud, as a SaaS offering, or as a white-label solution for MSPs and MSSPs, security consultants and red-teamers – at the industry’s most competitive price point. LUCY's unlimited users, unlimited campaigns, and flat-fee annual subscription model deliver the best technology for the lowest price on the market.