what you get

Everything your security team needs, in one platform.

Realistic simulation, integrated training, native integrations and dashboards that speak to the board. Without stitching three tools together.

Phishing simulation

A library of localized templates (PIX, boleto, Receita Federal, NF-e, suppliers). Scheduling, segmentation by department, cloneable landing pages and secure credential capture — always hashed, discarded immediately.

  • PT-BR templates maintained by humans and AI
  • Automatic variations to avoid spam flagging
  • Segmentation by group, role, unit and shift
  • Tracking of clicks, opens, submissions and reports
in progress · Phase 8

Integrated awareness training

Video and text microlearning, automatic enrollment right after a click, quizzes, certificates and per-employee reporting. Training arrives at the moment it has the most impact.

  • Auto-enroll by event (clicked the phish → gets a track)
  • SCORM 1.2 / 2004 and xAPI support
  • Awareness score per user and per organization
  • Audit-ready, traceable certificates
in progress · Phase 7

AI Assist

Integration with the most-used LLMs (Anthropic Claude, OpenAI, Google Gemini, DeepSeek, OpenRouter) and local models via Ollama. You pick the provider per workspace — privacy-first with a local model, cost-optimized with OpenRouter, or state-of-the-art with Claude/GPT.

  • Multi-provider (Claude, GPT, Gemini, DeepSeek, OpenRouter, local Ollama)
  • Provider configurable per workspace (BYO API key)
  • Localization for Brazilian culture (not literal translation)
  • Post-mortem analysis per target and per campaign
in progress · Phase 5

Native integrations

Ready-made connectors for the stack your team already runs. No CSV, no scripts, no workarounds.

  • Slack, Microsoft Teams and Discord (notifications and digests)
  • M365, Google Workspace, Entra ID, Okta, LDAP
  • SIEMs: Splunk, Microsoft Sentinel, Elastic, CrowdStrike
  • CEF/Syslog, webhooks and a full REST API

Dashboards and reports

Metrics that CISOs and CFOs understand. Click rate, report rate, time-to-report, heatmap by department, historical series and board-ready exports.

  • CSV, PDF and API export
  • Comparison across departments and cohorts
  • Time-to-report as a maturity metric
  • Drill-down to the individual event

SSO and multi-tenant

Built for the enterprise from day one. Multiple workspaces on the same instance, real isolation, granular roles and automatic provisioning.

  • SAML 2.0, OIDC and SCIM 2.0
  • RBAC: admin, campaign manager, analyst, viewer
  • MFA with WebAuthn (passkeys) and TOTP
  • Immutable audit log per workspace
security and compliance

Built to pass an audit.

Native LGPD

Documented legal bases, automated data subject rights, designated DPO.

End-to-end encryption

TLS 1.3 in transit, AES-256 at rest. Secrets managed via HSM/KMS.

ISO 27001 in progress

Active SGSI program, controls mapped to Annex A, certification planned.

Auditable logs

Immutable trail of administrative actions. Retention configurable per workspace.

Want to see all this in action?

Guided demos with the founders for selected companies in the alpha.