The platform
Four modules. One human firewall.
Each module ships standalone, but they get sharper together. One HDR Score. One directory. One report your CISO can defend at a board meeting. Deployed natively across EMEA, APAC, and the Americas.
SimuGPT
AI personas that write the lure, then write the lesson.
SimuGPT generates spear-phishing lures and coaching content from a single brief, across email, SMS, Microsoft Teams, Slack, and voice. Trained on your brand voice, your vendor list, and your incident history.
Put a phishing copilot on your team.“SimuGPT made our phishing program feel custom-built. Because it is.”
Head of Security · fast-growth cloud company
Custom AI personas.
Build a CFO, a vendor, a recruiter, an internal IT lead. Each persona keeps voice, schedule, and signoff style consistent across the campaign.
OSINT aware.
SimuGPT pulls public information about your company to make every lure feel native, vendor names, internal lingo, real org structure.
Cross-channel content.
One brief generates email, SMS, Teams, Slack, voice script, and QR landing page in parallel. Edit once, ship everywhere.
Coach in the moment.
When SimuCast detects a click, SimuGPT writes a two-minute lesson tuned to the person, the team, and the lure type.
Privacy fence.
Your data trains your tenant only. Never used to train any model another customer touches. EU, US, UAE residency on Enterprise.
SimuHDR
Autonomous campaign orchestration across every attack surface.
SimuHDR triggers, schedules, and escalates phishing campaigns on its own. Email, SMS, Teams, Slack, voice deepfake, and QR. Self-tunes audiences and difficulty against your live HDR Score.
Run an entire year of campaigns on autopilot.“SimuHDR runs our entire phishing program now. We set the guardrails. It runs the year.”
CISO · regional bank
Autonomous campaigns.
Set guardrails once. SimuHDR triggers email, SMS, Teams, Slack, and voice campaigns on a rolling schedule, paced to your team.
Multi-vector by default.
Every campaign can blend channels. A spoof CFO email followed by an SMS callback. A fake vendor portal QR followed by a Teams chat.
One HDR Score.
A single 0 to 1000 score per employee, team, and region. Goes up means safer. Goes down means coach.
Smart audiences.
Repeat clickers get more practice. High performers get harder lures. Audiences refresh from your directory four times a day.
Board-ready view.
One screen. Trend, gap, action plan. Export to PDF in two clicks. Built for CISOs who get 20 minutes at the board.
SimuCast
The phishing test built for AI-era lures.
SimuCast runs the most realistic phishing tests on the market. Spear-phishing with company OSINT. Custom AI personas. Phish-reporting button with AI triage. Scored against your live HDR posture.
Your first multi-vector campaign is on us.“We caught a vendor invoice swap during a SimuCast voice deepfake drill. The test was that close to the real attack.”
CTO · public SaaS company
Spear-phishing with OSINT.
Every lure is shaped by real public data. Vendor names. Recent press. Internal jargon. Recruiters. Conference attendance.
Custom AI personas.
Build a fake CFO who emails like yours. A fake vendor who texts like theirs. A fake recruiter who calls like a recruiter.
Multi-vector tests.
Email, SMS smishing, Teams, Slack, voice deepfake, QR code, callback phishing. Test the surface where the real attack will land.
Phish-reporting button.
One-click report inside Outlook, Gmail, Teams, and Slack. AI triage routes confirmed phish to security with full context.
First aid kit.
When someone clicks, SimuGPT lands a three-minute coaching moment before the habit hardens. No detention, no naming and shaming.
SimuShield
The runtime side of the human firewall.
SimuShield is the live defense layer. A 24/7 cyber helpline. An inbox tripwire that catches what your gateway misses. Executive exposure monitoring. Real-time breach intel scoped to your workforce.
Give your team a calmer first response.“Our team finally knew where to go when a message felt off. Response time fell by half.”
Security director · fintech scale-up
24/7 helpline.
Plain-language answers in seconds, inside Slack, Teams, and email. No queue, no ticket. Coverage in 75+ languages.
Inbox tripwire.
Spots unusual combinations of sender, tone, and request that AI-driven attacks rely on. Flags voice and SMS callbacks before someone dials.
Executive exposure.
Live monitoring of dark web markets, paste sites, and breach corpora, scoped to your executives and their families.
Workforce breach intel.
When an employee credential leaks, SimuShield alerts in minutes with role context, blast radius, and a recommended next move.
Smart escalation.
Real incidents route to security with the right context attached. Noise stays out of the queue. Audit log every escalation.
Integrations
Plays well with the stack you already run.
Native integrations across identity, chat, SIEM, and compliance. Bidirectional APIs and webhooks for everything else.
Identity & directory
Google Workspace
Microsoft 365
Okta
Microsoft Entra
Chat & email
Slack
Microsoft Teams
Google Chat
Outlook
Gmail
SIEM & SOAR
Splunk
Microsoft Sentinel
Google Chronicle
Sumo Logic
Compliance & trust
Vanta
Drata
Thoropass
Secureframe
Regional coverage
One platform. Every region, first class.
SimuPhish was not built for one geography and then ported to others. EMEA, APAC, and the Americas each get full platform parity: native language lures, local compliance mappings, and in-region data residency.
- London HQ · Dubai field office
- EU DORA · UK FCA · ISO 27001 · SAMA · NESA
- Gulf Arabic dialect, EU-only and UAE-only residency
- 75+ European, Arabic, and global languages
- India DPDP · Singapore PDPA aligned
- Japanese, Mandarin, Hindi lures native
- APAC-region data residency available
- Financial services and government sector focus
- US-region AWS infrastructure
- NIST CSF · CMMC · SOC 2 aligned
- US English and Canadian French native
- FedRAMP path available on Enterprise
Ready when you are
Four modules. One quote. No surprises.
Two minutes to a quote. One business day to a real reply. No drip sequences. No per-seat list.
