Keepnet Labs LTD.

Keepnet Labs Anti-Phishing Solution

Keepnet Labs is a phishing defence platform that provides a holistic approach to people, processes and technology to reduce breaches and data loss and presents anti-phishing solutions.


  • Phishing Simulation
  • Awareness Educator
  • Threat Intelligence
  • Email Threat Simulation
  • Phishing Incident Response


  • Trains individuals on email based cyber attacks, i.e. phishing attacks
  • Improves human awareness about phishing attacks
  • Early detection and prevention of email-based cyber attacks.
  • Takes action proactively against email-based cyber attacks
  • Generates analysis and response capabilities


£2 to £23 per user per year

Service documents

G-Cloud 10


Keepnet Labs LTD.

Ozan Ucar


Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to Microsoft Outlook 2010 and higher version add-in that we have
Cloud deployment model Hybrid cloud
Service constraints Windows Server 2012 or higher version only
System requirements
  • Hardware Requirements: 2 CPU, 3GB RAM, 20 GB Disk Space
  • Software Requirements: Windows Server, Microsoft Office
  • Authentication & Access Requirements: Full access our server

User support

User support
Email or online ticketing support Email or online ticketing
Support response times From 1 hour to 7 working day
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels We have any level on-site support with our support team and we charge man/day price to the customer. Price depends on customer region and it does not include expenses such as travels, accommodation and some other extras)
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Online training, onsite training and user documentation
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats Ms doc
End-of-contract data extraction With one click they can download or delete all their data by themselves
End-of-contract process Service gives notification to buyers and lets them get their data during 7 days. end of this data service can run for this customer anymore

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service All functionalities are available to use by any mobile device with their browser. There is no extra needed application to be installed.
Accessibility standards None or don’t know
Description of accessibility Through HTTPS
Accessibility testing We use most popular interface script which made by 3dr party company ad used by more than 4k different companies. We had more than 200 customers who test and feedback about user experience and interface design for improvement.
Customisation available No


Independence of resources Regularly penetration test, daily vulnerability scan, 2FA, encrypted disk and data, anonymization. We use Amazon AWS load balancer which auto scale server, database and bandwidth. Dos/DDoS protection.


Service usage metrics Yes
Metrics types With graphs and reporting widgets on product dashboard
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach With one click they can export data on our dashboard to excel or other support file format.
Data export formats
  • CSV
  • Other
Other data export formats Xls
Data import formats
  • CSV
  • Other
Other data import formats Xls

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Tier: Tier 4 (
Approach to resilience AWS Risk & Compliance White Paper: (

more details available on request.
Outage reporting A public dashboard, email alerts, phones

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels IP based access, username password including SMS auth.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • Penetration testing certification by 3dr party
  • Secure code review certification by 3dr party

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Self assesment, 3dr party company assesment
Information security policies and processes OWASP, NIST, ISSAF

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach The components of your services are tracked through their lifetime
changes are assessed for potential security impact
Microsoft Team Foundation Server for check-in and publishing
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Industry leaders and PCI approved scan tools like Nessus, Netsparker scan daily all our digital assets and report us by email and also available on the dashboard.

When vulnerability found we use virtual patching with 3dr party tools, install bugfix, restrict access to vulnerable service if we have.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We use Indicator of compromise service for potential compromise.
We verify if compromise happened then respond it with our the expert team or contracted cybersecurity company
We're /24 available to respond to incidents
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We use Incident Response platform which covers all our systems, logs, access. It has default playbook when an incident happens and we also simulated real-world data breach or incident activity to improve our incident response capability.

Phantom automatically response incidents but 2 human experts also analyze events when happening.

We provide incident reports on orchestration platform's dashboard or by email

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £2 to £23 per user per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Limited test and limited time which defined by supplier
Link to free trial


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑