Lloyds Ventures

Anti-Phishing Simulation and Remediation & DMARC

Humans are the weakest link in cyber security. HumanFirewall makes them the strongest by training them using automation and gamification via phishing simulation, and by leveraging employee powered incident reporting & remediation to mitigate real attacks.

EmailAuth enables Brand-Protection, Anti-Spoofing, Anti-Phishing and Enhances Email Deliverability using SPF, DKIM and DMARC.


  • Email Authentication brings trust back into Email
  • Active Cyber Defence Program lists DMARC as a MUST do.
  • Increase Human Layer Resilience via Security Awareness & Training
  • Email Remediation ensures attacks are mitigated in seconds
  • Email is the largest attack vector. Take control via-this-platform


  • Anti-Spoofing, Anti-Phishing & Brand-Protection
  • DMARC made easy
  • Measure Human-Information-Security-Preparedness Index
  • Enhance email deliverability


£1200 to £250000 per instance per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10


Lloyds Ventures

Ankush Johar



Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints N/A
System requirements
  • No specific requirements.
  • SaaS based service accessible via a simple browser.
  • For Exchange/Outlook integration, a plugin is available to install.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 24X7 support available for all high priority issues/attacks.
9AM to 6PM GMT support available for all non-critical issues.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Level 1: Basic.
Level 2: Advanced.
Level 3: Fully Managed.

A Customer Success Manager is assigned to each customer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Easy to use and understand interface built to modern standards ensures that minimal training is required. Contextual help where required is provided. Additional training is available remotely or on-site at an extra cost.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction A data file can be provided to export data out of the system. Additional cost may be incurred depending on duration and effort required.
End-of-contract process 12 Months data is available free of cost. Data older than 6 months needs to be pulled from archives, and this may incur a fee depending on the duration data is requested for.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Some features for User Experience may not be available on the mobile.
Accessibility standards None or don’t know
Description of accessibility N/A
Accessibility testing N/A
What users can and can't do using the API APIs can be used to integrate with other security platforms including but not limited to Email Security Gateways, Firewalls, SIEM among others.
API documentation Yes
API documentation formats Other
API sandbox or test environment No
Customisation available Yes
Description of customisation Customisation is possible for purposes of integration


Independence of resources This is a SaaS platform. Scaling is inherently built within the architecture and due to availability on hugely scalable infrastructure this is not an area of concern.


Service usage metrics Yes
Metrics types Detailed reporting is available


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Available upon request.
Data export formats Other
Data import formats Other

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network Industry best practices

Availability and resilience

Availability and resilience
Guaranteed availability SLAs are defined by the Terms of service. Service is available 24X7, with a 99.5% uptime assurance.
Approach to resilience Available on request
Outage reporting Email Alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Access is restricted to authorised and authenticated users only.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Not accredited at the time of filing but OWASP, SANS and BB security governance guidelines are followed currently. Accreditations are planned imminently.
Information security policies and processes Strict policies & processes are in place, and are overseen by Risk officers regularly.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Industry best practices are followed to very high standards.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Industry best practices are followed to very high standards. Continuous security testing is carried out including but not limited Source code reviews, constant pen-testing, Securathons, Crowd-Security powered constructs among others.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Industry best practices are followed to very high standards.
Incident management type Supplier-defined controls
Incident management approach Industry best practices are followed to very high standards.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £1200 to £250000 per instance per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Limited to full access available during the trial.


Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑